![]() The field text on its own may sometimes work (e.g. List possible fields: tshark -G Fields Cheatsheet Show detailed view of http packets and summaries of others: tshark -r -O http Print packet summaries for TCP packets to port 71: tshark -r -Y "tcp.dstport = 71"ĭisplay contents of TCP stream between 10.0.0.1 port 123 and 10.0.0.2 port 456: tshark -r -z "follow,tcp,ascii,10.0.0.1:123,10.0.0.2:456"ĭecrypt WPA traffic ( -o : overrides preference) and print http file data: tshark -r -o wlan.enable_decryption:TRUE -o "uat:80211_keys:\"wpa-pwd\",\"password: -o 'uat:rsa_keys:"./server_private_key.pem",""' -Tfields -e textĭecrypt with pre master secret: tshark -r -o 'tls.keylog_file./premastersecret.txt' -T fields -e Print X.509 certs: tshark -r -T fields -R "" -e x509sat.printableString List User-Agents: tshark -r -T fields -e er_agent Print field-formatted: tshark -r -T fields -e -e. Print TCP conversations: tshark -r -z conv,tcp (add -q to suppress packet info)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |