
How to put wireshark into Standard input directly or by using a Terminal

Hi everyone, my question is: I have an IP and a port, and I can't use nc IP Port | sudo wireshark -k -S -i - because it doesn't work for me on Win7. How can I do that directly, or using CMD or Netcat on Win7?

Thank you so much

moad
asked 2019-09-27 17:43:29 +0000
grahamb
updated 2019-09-27 19:37:51 +0000

Comments

That command line won't work on Windows as it's using commands usually found on Linux\macOS\Unix.

What are you trying to achieve with the nc IP Port part?

grahamb (2019-09-27 19:39:27 +0000)

I open a monitor on this port (on an ESP8266 WiFi module), and in a video they come to this step and type this command line in Netcat, and then Wireshark opens automatically and starts observing all traffic of a connected client using this IP and port. But this command line doesn't work on Win7. What should I do?

moad (2019-09-27 20:33:29 +0000)

Can you post a link to the source of the command?

grahamb (2019-09-27 21:06:34 +0000)
moad (2019-09-27 22:58:28 +0000)

1 Answer

Do you have or can you load Putty with its utilities?

https://the.earth.li/~sgtatham/putty/0.72/htmldoc/Chapter7.html#plink

I have used plink to tcpdump on a remote machine and view locally in Wireshark. You would want to make a raw connection and pipe that into a Wireshark startup command.

Here is an example with an ssh connection. Modify it to make a raw plink connection to your monitor session:

https://osqa-ask.wireshark.org/questions/23609/remote-capture-via-ssh-and-pipe

Here is an example connecting in raw mode:

C:\>plink -raw -P 22 192.168.1.1
SSH-2.0-OpenSSH_6.6.1p1 Debian-4~bpo70+1

Your string would be (filling in port and IP address for the monitor port):

plink -raw -P "Port" "IP" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -

Specify a path to plink if needed.

Chuckc
answered 2019-09-28 13:54:08 +0000, updated 2019-09-28 14:17:56 +0000
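
Wireshark's -i - reads a capture file (pcap or pcapng) from standard input, so whatever the monitor port sends has to be in that format. As an added example (not part of the original answer or of Wireshark), this Python stand-in for nc on Windows checks the first four bytes of the stream before it starts Wireshark; the function names and the command-line argument order are assumptions of this sketch.

```python
import socket
import subprocess
import sys
# Added example: names and the argument order below are this sketch's own.
# First four bytes of the capture formats Wireshark accepts on a pipe.
CAPTURE_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "pcap, little-endian, microsecond timestamps",
    b"\xa1\xb2\xc3\xd4": "pcap, big-endian, microsecond timestamps",
    b"\x4d\x3c\xb2\xa1": "pcap, little-endian, nanosecond timestamps",
    b"\xa1\xb2\x3c\x4d": "pcap, big-endian, nanosecond timestamps",
    b"\x0a\x0d\x0d\x0a": "pcapng",
}

def read_exact(sock, n):  # recv() may return fewer bytes than asked for
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf

def read_capture_header(sock):
    """Return (first four bytes, format name); reject non-capture data."""
    head = read_exact(sock, 4)
    fmt = CAPTURE_MAGICS.get(head)
    if fmt is None:
        raise ValueError("not a pcap/pcapng stream; first bytes %r" % head)
    return head, fmt

def copy_stream(sock, sink, head):
    """Write the already-read header, then relay until the peer closes."""
    sink.write(head)
    while True:
        data = sock.recv(4096)
        if not data:
            return
        sink.write(data)
        sink.flush()  # keeps Wireshark's live view current

def main(host, port, wireshark):
    with socket.create_connection((host, int(port))) as sock:
        head, _ = read_capture_header(sock)  # raises before Wireshark starts
        proc = subprocess.Popen([wireshark, "-k", "-i", "-"], stdin=subprocess.PIPE)
        with proc.stdin:  # closing stdin ends the capture in Wireshark
            copy_stream(sock, proc.stdin, head)

if __name__ == "__main__":  # args: IP, port, path to Wireshark.exe
    main(*sys.argv[1:4])
```

A port that answers with text, such as the SSH banner in the raw-mode example above, is rejected with a ValueError instead of being handed to Wireshark.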

Comments

Note that Windows 10 1809 or later includes OpenSSH, I've stopped using PuTTY since that appeared.

grahamb (2019-09-28 14:39:12 +0000)

For future reference: https://nmap.org/ncat/ "Ncat is integrated with Nmap and is available in the standard Nmap download packages (including source code and Linux, Windows, and Mac binaries) available from the Nmap download page."

Chuckc (2019-10-05 17:18:50 +0000)
