Searching PCAP file for specific plaintext information

retag add tags

I am working on a lab for a class and we are being tasked with finding data in a pre-generated PCAP file using Wireshark. The data is communication between Amazon Alexa and WEMO plugs. In one particular PCAP the command given is: Alexa volume 8. How would you search an entire PCAP file for this data? Below is a description from the instructions.

In this case, there are two Belkin Wemo power outlet controllers to turn connected devices on or off. Additional commands are captured for queries made to the Alexa application. You will look at the data packets exchanged between the Amazon Echo Dot and the WeMo devices, and the Amazon Internet web services to answer queries. The goal will be to determine if any visible plaintext information is exchanged as information or commands, and if such data packets might be hijacked, exploited, replayed, or be subject to man-in-the-middle attacks.

NightZero88

asked 2018-09-10 20:55:54 +0000

edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

Comments

I did try searching using frame contains but didn't find anything related to Alexa. It is possible that the data doesn't exist in the PCAP but considering the instructions I assumed it must be. Thank you for the help, I'll carry on assuming it is not in here.

NightZero88 (2018-09-11 17:54:08 +0000) edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Searching PCAP file for specific plaintext information edit

Comments

1 Answer

Comments