wireshark – Page 12 – WindowsTechs.com

Wireshark – Why is this ASCII data not human readable? [closed]

Posted on January 20, 2021 by user3728501

I just did a capture for an SSH transmission. At the bottom of the wireshark window, I see the following…

To open the window to the right, I right clicked the data segment and chose "Show Packet Bytes"
My question is why is th… Continue reading Wireshark – Why is this ASCII data not human readable? [closed]→

TCP Sequence numbers and timeouts

Posted on January 16, 2021 by CyberCrusader

How do sequence numbers and timeouts provide a reliable channel for application-layer data?

Continue reading TCP Sequence numbers and timeouts→

What is default wireless cards mode using Wireshark? [migrated]

Posted on January 12, 2021 by Danny

So, I think when I run Wireshark the wireless card works using promiscuous mode because if it is managed mode the wireless card will capture only packages directed to its. Monitor mode also cannot be used by default. Is it so?

Continue reading What is default wireless cards mode using Wireshark? [migrated]→

Dealing with Wireshark vulnerabilities in practice

Posted on January 3, 2021 by user968698

First some context:

We have software running on a production Windows server that runs within a local network of one of our customers. We installed our software on that server and some tools such as Wireshark and deliver paid support for o… Continue reading Dealing with Wireshark vulnerabilities in practice→

Did Wireshark capture an update of Adobe Acrobat Reader over an unencrypted connection?

Posted on December 28, 2020 by luke359

My home router is an AVM FritzBox and it’s able to log all incoming and outgoing traffic in a file format readable by Wireshark. Some days ago I started capturing all traffic for about an hour to get an understanding of what kind of traffi… Continue reading Did Wireshark capture an update of Adobe Acrobat Reader over an unencrypted connection?→

Can I elicit responses from "any remote host" on "all protocols" if I want to?

Posted on December 12, 2020 by Freddy Nova

An nmap scan of my test computer returns a result of “5357 / tcp open wsdapi”.
After some research, this is something that can be exploited.
It is explained here that:

By default, WSDAPI will listen on TCP ports 5357 and 5358. The Windows… Continue reading Can I elicit responses from "any remote host" on "all protocols" if I want to?→

Redirecting an IP address to a local IP address, something akin to the hosts file?

Posted on October 25, 2020 by KoyaCho

I’m currently (legally) reverse engineering a game written in Java, so the client I have is a jar file.
I started Wireshark and started intercepting the traffic between the server and the client.

As you can see, the game’s server has an I… Continue reading Redirecting an IP address to a local IP address, something akin to the hosts file?→

How to fix TCP stream in Wireshark with spurious retransmission?

Posted on October 11, 2020 by XRBtoTheMOON

This was for a CTF (it ended yesterday, so I’m not cheating), but I’ve spent so many hours on it that I really just want to understand what I should have done.
Here is the PasteBin Hex Dump. I imported and followed the TCP stream and get a… Continue reading How to fix TCP stream in Wireshark with spurious retransmission?→

Community ID support for Wireshark

Posted on October 7, 2020 by Christian Kreibich

By Christian Kreibich, Principal Engineer, Corelight The past few weeks have seen several developments around Community ID, our open standard for rendering network traffic flow tuples into a concise textual representation. I’d like to summarize them in… Continue reading Community ID support for Wireshark→

Community ID support for Wireshark

Posted on October 7, 2020 by Christian Kreibich