Wireshark: Difference between revisions

Content added Content deleted
Line 192: Line 192:
''google.com 216.58.197.46,216.239.32.10,216.239.34.10,216.239.36.10''
''google.com 216.58.197.46,216.239.32.10,216.239.34.10,216.239.36.10''


Even more Details:
Even more details:
tshark -i wlan0 -f "src port 53" -n -T fields -e frame.time -e ip.src -e ip.dst -e dns.qry.name -e dns.a
tshark -i wlan0 -f "src port 53" -n -T fields -e frame.time -e ip.src -e ip.dst -e dns.qry.name -e dns.a
''Apr 22, 2015 23:20:16.922103000 8.8.8.8 192.168.1.7 wprecon.com 198.74.56.127''
''Apr 22, 2015 23:20:16.922103000 8.8.8.8 192.168.1.7 wprecon.com 198.74.56.127''
Line 211: Line 211:
tshark -nr test.pcap --export-objects http,tmpfolder
tshark -nr test.pcap --export-objects http,tmpfolder
*Detailed output:
Figure out the Frame number:
tshark -r ~/dhcp.pcap bootp.option.dhcp == 1
View Full details:
tshark -r ~/dhcp.pcap -V frame.number == 12


<br />
<br />
;References
;References
Retrieved from "https://aman.awiki.org/wiki/Wireshark"