Comments on: Wireshark 1.2.0 available http://hackaday.com/2009/06/29/wireshark-1-2-0-available/ Fresh hacks every day Fri, 10 Feb 2012 18:02:36 +0000 hourly 1 http://wordpress.com/ By: tjhooker http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79790 Tue, 30 Jun 2009 14:25:29 +0000 http://hackaday.com/?p=12178#comment-79790 I use it for reversing sometimes. Like with key gens that return from a server. I can use the data to patch jumps in ollydbg etc

]]> By: saimhe http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79773 Tue, 30 Jun 2009 10:38:08 +0000 http://hackaday.com/?p=12178#comment-79773 During capture, use tshark -w instead. Afterwards, to speed up handling, turn off any irrelevant protocols (however a more restrictive capture filter might do better).

]]> By: babylon_zoo http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79751 Tue, 30 Jun 2009 05:48:21 +0000 http://hackaday.com/?p=12178#comment-79751 WS is not for huge packet capturing safari. You certainly would not use notepad to code a project like firefox…

They worked on this memory usage problem:

Several memory leaks have been found and fixed.

But at the time you are trying to display every packet on the screen and wanted to be able to scroll over them, you need to put those on memory… Using the ngrep method you put it on a file (and WS can do that too if you disable the display of packets in the gui)

]]> By: h_2_o http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79746 Tue, 30 Jun 2009 05:09:37 +0000 http://hackaday.com/?p=12178#comment-79746 harvie hit it on the head, wireshark is nice for small grabs, but if you try and do large data grabs with it, forget about it.

]]> By: Jack http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79742 Tue, 30 Jun 2009 04:02:12 +0000 http://hackaday.com/?p=12178#comment-79742 The easiest way to do WEP cracking is just to get a hold of a wireless card that supports packet injecting, and to use a BackTrack3/4 live cd or run it off of a USB thumb drive.
http://www.wildpackets.com/support/hardware/airopeek_12
those are some cards, google around and I’m sure you’ll find more.

]]> By: TJHooker http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79732 Tue, 30 Jun 2009 03:18:33 +0000 http://hackaday.com/?p=12178#comment-79732 Go do a attack on a WEP point from a NT machine and you’ll see why nobody bothers. It takes forever without injection. I forget why but you can’t put the chip into the mode it needs from NT without heavy reverse engineering.

I could be wrong.

]]> By: nanoc http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79728 Tue, 30 Jun 2009 02:29:44 +0000 http://hackaday.com/?p=12178#comment-79728 WEP cracker? You can crack WEP in windows with aircrack-ng. I believe if your card is supported you can also capture packets with it too but i believe aircrack-ng discontinued windows support a few years back. Cain n Able also for Windows.

]]> By: googfan http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79726 Tue, 30 Jun 2009 01:51:53 +0000 http://hackaday.com/?p=12178#comment-79726 but there really needs to be a wep cracker for windows

]]> By: Harvie http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79725 Tue, 30 Jun 2009 01:50:11 +0000 http://hackaday.com/?p=12178#comment-79725 i don’t like whireshark since it eats lot of memory (especialy when capuring lot of packets or for a long time).

go and try ngrep! for both windows and *nixes.
very handy:

ngrep -d eth0
or eg.:
ngrep -d wlan0 dst port 21 “USER|PASS” > http://ftp.txt

]]> By: googfan http://hackaday.com/2009/06/29/wireshark-1-2-0-available/comment-page-1/#comment-79722 Tue, 30 Jun 2009 01:32:51 +0000 http://hackaday.com/?p=12178#comment-79722 now all it needs is a wep cracker.

totally unrelated, i just built a tater gun that shoots spuds 350 yards!

]]>