Questions tagged [tcpdump]
Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression; the description is preceded by a time stamp, printed, by default, as hours, minutes, seconds, and fractions of a second since midnight.
8 questions
13 votes, 1 answer, 9k views
Wireshark tcp filter: tcp[((tcp[12:1] & 0xf0) >> 2):4]
While reading this doc https://wiki.wireshark.org/CaptureFilters I found this line:
tcp[((tcp[12:1] & 0xf0) >> 2):4]
which figures out the TCP Header Length, but I can't find out how it ...
12 votes, 4 answers, 8k views
Eavesdropping vs. sniffing
I'm taking a coursera course, and they take pains when talking about network security to distinguish between eavesdropping and sniffing.
According to their definitions, sniffing involves reading or ...
3 votes, 2 answers, 568 views
Decrypting network traffic and finding HTTPS private key
I've been battling with one school task for a couple of days and can't seem to find any idea how to solve it. The task is pretty simple:
Log in to the server using SSH. The answer to the task is in ...
3 votes, 2 answers, 13k views
tcpdump packets have bad and incorrect checksums on localhost, how to investigate further?
Am investigating a macOS Catalina machine that is believed to be infected with malware. Have been viewing packets with tcpdump and noticed, on connecting to any web address, there are legit packet ...
1 vote, 1 answer, 878 views
Public Availability of a good Dataset in PCAP (TCPDUMP) format for IDS/IPS testing [closed]
I am trying to pass good reputable malicious traffic from an IPS. There are several sources on the internet to explore datasets like the oldest I think DARPA set (not available in pcap format and not that ...
1 vote, 0 answers, 5k views
How to decrypt a tls1.3 tcp packets in wireshark
I generated the public and private key with
openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout server_key.pem -out cert.pem
and I am using C sockets for the server and client with openssl, ...
1 vote, 0 answers, 14 views
Capture Packets of other devices in network [duplicate]
I'm challenged to capture packets sent from a client to the gateway in a network.
Is it even possible for me to see the packets between client and gateway?
0 votes, 0 answers, 663 views
Kioptrix 2: Why netcat reverse shell executed in web browser via command injection bug doesn't work?
I've completed the Kioptrix level 2 challenge via SQL injection, command injection, bash reverse shell, and local privilege escalation as part of my OSCP preparation.
https://www.vulnhub.com/entry/...