monitor capture cap1 match ipv4 protocol tcp any any eq 22 monitor capture cap1 inter g1/0/1 both monitor capture cap1 start.
Wireshark is an application that runs natively inside of IOS XE on the Cat 9k. Depending on the model of the switch you may have to disable the 'packet injection' feature. A switch with monitor function will also work, provided the ISP does not check for or require specific MAC-addresses. And you have just located the password and username you have entered on the unprotected login page - whether or not the password and username are correct are irrelevant. Wireshark and Embedded Packet Capture (EPC) are methods of capturing and or displaying captured traffic on an IOS XE box. Then capturing on the WAN side is basically the same as on the LAN side. Once you get there look in the red text paragraphs and try to find what I was able to locate in the picture. Then you will right click on it and go down to "FOLLOW" then to "TCP STREAM". You can see exactly what I am talking about if you follow the pictures above. Then at the far right of the packet in the info section you will see something like ".login" or "/login". This drastically narrows the search and helps to slow down the traffic by minimizing what pops up on the screen. By filtering this you are now only looking at the post packet for HTTP. Set Port Mirror for PC and the port you want to capture packets. Ignore the splash screen and pull down the 'Window' menu, choose 'Sniffer' from the list of options in the Wireless Diagnostics menu. Connect PC to the SMB router or switch directly. Choose 'Open Wireless Diagnostics' from the list to open the wi-fi utility. Option+Click on the Wi-Fi menu item in the OS X menu bar. Wireshark comes with the option to filter packets. This entry was posted in Wireshark and tagged Mac, packet capture. HTTP (Hyper Text Transfer Protocol) is the protocol we will be dealing with when looking for passwords. By now your project should consist of two routers and two VPCS. Step 1: Load your Basic2Routers project Start by opening GNS3 and loading the Basic2Routers project you created earlier, if it is not already opened. The second step to finding the packets that contain login information is to understand the protocol to look for. In this exercise, you will capture packets passing between the two routers in your Basic2Routers GNS3 project.
0 Comments
Leave a Reply. |