Dark-Alex-17/kapow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b577dd93d3d8ab1eb8f8b4fb49cc4324c1a8c335
kapow/poc/examples/tcpdump/README.md
pancho horrillo b577dd93d3 Fix usage of sudo to prevent issues with the environment. 
Also fix a couple of typos.
2019-09-06 13:48:51 +02:00

780 B
Raw Blame History

Remote tcpdump sniffer with source filtering

  1. Add any filter you want to the tcpdump command inside tcpdump.pow to filter any traffic you don't want to be sniffed!
  2. For the sake of simplicity, run sudo kapow server tcpdump.pow. In a production environment, tcpdump should be run with the appropiate permissions, but kapow can (and should) run as an unprivileged user.
  3. In your local machine run: ```bash curl http://localhost:8080/sniff/ | sudo -E wireshark -k -i - 
    Again, for the sake of simplicity, `Wireshark` is running as root. If you don't want
to run it this way, follow this guide:
https://gist.github.com/MinaMikhailcom/0825906230cbbe478faf4d08abe9d11a
  4. Profit!
Reference in New Issue View Git Blame Copy Permalink