First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Are elevated privileges required in Wireshark 3.0.0 on Windows?

  • retag add tags

Version 3.0.0 appears to be asking for elevated privileges when "finding local interfaces". We do not have this problem with version 2.6.6.

caweakley's avatar
3
caweakley
asked 2019-03-14 16:12:24 +0000
Guy Harris's avatar
19.9k
Guy Harris
updated 2019-03-14 20:58:50 +0000
edit flag offensive 0 remove flag close merge delete

Comments

Elevation shouldn't be required, what is your OS and capture library? Please post the contents (you can highlight and copy and paste) of the Wireshark -> Help -> About Wireshark -> Wireshark tab to give us the info.

grahamb's avatar grahamb (2019-03-14 16:15:34 +0000) edit
more
  • delete

Here is the info:

Version 3.0.0 (v3.0.0-0-g937e33de) 

Copyright 1998-2019 Gerald Combs <[email protected]> and contributors. License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 

Compiled (64-bit) with Qt 5.12.1, with WinPcap SDK (WpdPack) 4.1.2, with GLib 2.52.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.9, with QtMultimedia, with AirPcap, with SBC, with SpanDSP, with bcg729. 

Running on 64-bit Windows 10 ...
(more)
caweakley's avatar caweakley (2019-03-14 16:40:39 +0000) edit
more
  • delete
add a comment see more comments

2 Answers

0

You're running on Windows and using npcap (an older version at that) as can be seen from the output with Npcap version 0.99-r4.

You've probably checked an npcap install option to require elevated permissions to capture. To fix this, download the npcap installer (currently 0.99-r9) and when installing ensure the option to require admin privileges to capture is unchecked.

grahamb's avatar
23.8k
grahamb
answered 2019-03-14 16:46:07 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Thank you, this was helpful.

caweakley's avatar caweakley (2019-03-14 19:34:08 +0000) edit
more
  • delete

If an answer has solved your issue, then please accept it by clicking the checkmark icon to the left of the answer. This informs other users with the same issue that this is a "good" answer.

grahamb's avatar grahamb (2019-03-14 19:41:48 +0000) edit
more
  • delete
add a comment see more comments
-1

As far as I know, wireshark ask for elevated privileges. I guess to handle promiscuous mode.

Roger's avatar
1
Roger
answered 2019-03-15 09:15:46 +0000
edit flag offensive 0 remove flag delete link
more

Comments

This is incorrect. Wireshark does not require elevated privileges. The capture library, e.g. npcap may be configured to do so, but that is external to Wireshark.

On other OS's e.g. Linux\OS X, then other configuration steps may be required to allow non-root access capturing.

grahamb's avatar grahamb (2019-03-15 10:53:47 +0000) edit
more
  • delete

You're right. I talking about defaults. And I like to limit this to elevated privileges. :)

Roger's avatar Roger (2019-03-18 11:31:30 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer