How to silently install Wireshark on Windows with the SSHDUMP option

I'm trying to install Wireshark silently while still enabling the SSHdump option. From what I can see, the Wireshark installer does not contain a command line option for ‘SSHdump’. It doesn’t contain a command line for anything other than the defaults.

Currently I'm using: Wireshark-win64-3.0.2.exe /S

Does this option exist? Or is there a way to enable it after it is installed via command line?

LeroyJenkins asked 2019-08-23 14:30:27 +0000
Guy Harris updated 2019-08-23 18:38:16 +0000

2 Answers

Figured this out on my own. There don't appear to be any command line options to enable this feature.

What I did was install Wireshark with /S, and then once installed in my install script I just copy the sshdump.exe that is contained within the Wireshark.exe installer (use something like 7-zip to open the .exe archive) and copy it to c:\program files\Wireshark\extcap.

Once sshdump.exe is copied to there, it loads every time Wireshark loads.

LeroyJenkins answered 2019-08-28 12:36:02 +0000

Comments

You might want to raise an enhancement request at the Wireshark Bugzilla to add suitable switches to the installer.

grahamb (2019-08-28 12:44:38 +0000)

Hi: Thanks for the steps. I too was able to do this by:

1: Download ... unzip the Windows Wireshark.exe program to a sub-folder
2: You'll find: sshdump.exe inside of the /extcab folder
3: Now: install Wireshark onto your Windows PC like normal
4: After Install: copy over (put) the sshdump.exe file into c:\programfiles\Wireshark\extcab folder
5: Launch Wireshark normally, and you will see the option for ssh remote capture (under the main capture screen)

This was rather helpful
NOTE: By default, the Linux install for Wireshark (comes with) (pre-built) to use the (remote capture process)

Take care

tech9425 (2020-05-09 17:48:09 +0000)

Should that be the extcap folder?

Chuckc (2020-05-09 18:14:50 +0000)

Request opened to install extcap binaries by default on Windows (Bugzilla )

Chuckc (2020-05-10 16:15:45 +0000)
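
The manual steps from the answer and comments above, scripted in PowerShell as an added example (not code from the thread or from the Wireshark project). The installer location, 7-Zip path and staging folder are assumptions; the script checks the installer's Authenticode signature before running it, because everything copied afterwards comes out of that one file.

```powershell
#Requires -RunAsAdministrator
# Added example: silent Wireshark install, then sshdump.exe copied into extcap.
$ErrorActionPreference = 'Stop'

$Installer = 'C:\Deploy\Wireshark-win64-3.0.2.exe'   # assumed download location
$SevenZip  = 'C:\Program Files\7-Zip\7z.exe'         # assumed 7-Zip install path
$ExtcapDir = 'C:\Program Files\Wireshark\extcap'     # folder named in the answer
$Staging   = Join-Path $env:TEMP 'wireshark-extcap'  # assumed scratch folder

# Refuse to run an installer whose Authenticode signature does not verify.
$sig = Get-AuthenticodeSignature -FilePath $Installer
if ($sig.Status -ne 'Valid') {
    throw "Signature check failed for $Installer ($($sig.Status))"
}
Write-Host "Installer signed by: $($sig.SignerCertificate.Subject)"

# 1. Silent install with the default component set (no sshdump).
$proc = Start-Process -FilePath $Installer -ArgumentList '/S' -Wait -PassThru
if ($proc.ExitCode -ne 0) { throw "Installer exited with code $($proc.ExitCode)" }

# 2. Extract sshdump.exe from the installer archive. It is matched by name
#    (-r), so the folder layout inside the archive does not matter.
New-Item -ItemType Directory -Path $Staging -Force | Out-Null
& $SevenZip e $Installer "-o$Staging" 'sshdump.exe' -r -y | Out-Null
if ($LASTEXITCODE -ne 0) { throw "7-Zip extraction failed ($LASTEXITCODE)" }

$Extracted = Join-Path $Staging 'sshdump.exe'
if (-not (Test-Path $Extracted)) { throw 'sshdump.exe not found in the installer' }

# 3. Copy it next to the other extcap binaries.
New-Item -ItemType Directory -Path $ExtcapDir -Force | Out-Null
Copy-Item -Path $Extracted -Destination $ExtcapDir -Force

# 4. Record the hash for the deployment log and confirm the binary starts.
$Deployed = Join-Path $ExtcapDir 'sshdump.exe'
$hash = (Get-FileHash -Path $Deployed -Algorithm SHA256).Hash
Write-Host "Deployed sshdump.exe SHA256: $hash"
& $Deployed --version
if ($LASTEXITCODE -ne 0) { throw "sshdump.exe did not run ($LASTEXITCODE)" }

Remove-Item -Path $Staging -Recurse -Force
```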

The change to install extcap binaries (like sshdump.exe) from the command line in Silent mode has been merged. It is available for testing in the latest builds.

The Bugzilla entry for the patch. See the man page for syntax.

An unrelated issue led to the addition of libssh version in the output of sshdump --version:

C:\Program Files\Wireshark\extcap>sshdump --version
sshdump version 1.0.0
Compiled with libssh version 0.7.3
Running with libssh version 0.7.3/gnutls/zlib

Chuckc answered 2020-07-16 15:48:33 +0000
