Dark-Alex-17/kapow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9c1b9b5bca608f56d61aa2fafe14f477be8254c5
kapow/poc/examples/tcpdump
History
Roberto Abdelkader Martínez Pérez 9c1b9b5bca Proper code box
2019-09-06 13:22:47 +02:00
..
README.md
Proper code box
2019-09-06 13:22:47 +02:00
tcpdump.pow
Remote tcpdump demo
2019-09-06 13:11:52 +02:00

README.md

Remote tcpdump sniffer with source filtering

  1. Add any filter you want to the tcpdump command inside tcpdump.pow to filter any traffic you don't want to be sniffed!
  2. For the sake of simplicity run sudo kapow server tcpdump.pow. In a production environment tcpdump should be run with the appropiate permissions but kapow can (and should) run as an unprivilieged user.
  3. In your local machine run: 
    curl http://localhost:8080/sniff/<network-interface> | sudo wireshark -k -i -
    Again, for the sake of simplicity Wireshark is running as root. If you don't want to run it this way follow this guide: https://gist.github.com/MinaMikhailcom/0825906230cbbe478faf4d08abe9d11a
  4. Profit!
Reference in New Issue View Git Blame Copy Permalink