kapow/poc/examples/tcpdump/README.md
pancho horrillo b577dd93d3 Fix usage of sudo to prevent issues with the environment.
Also fix a couple of typos.
2019-09-06 13:48:51 +02:00


Remote tcpdump sniffer with source filtering
============================================
1. Add any filter you want to the `tcpdump` command inside `tcpdump.pow` to filter
any traffic you don't want to be sniffed!
2. For the sake of simplicity, run `sudo kapow server tcpdump.pow`. In a
production environment, `tcpdump` should be run with the appropriate permissions,
but kapow can (and should) run as an unprivileged user.
3. On your local machine, run:
   ```bash
   curl http://localhost:8080/sniff/<network-interface> | sudo -E wireshark -k -i -
   ```
   Again, for the sake of simplicity, `Wireshark` is running as root. If you don't want
   to run it this way, follow this guide:
   https://gist.github.com/MinaMikhailcom/0825906230cbbe478faf4d08abe9d11a
4. Profit!
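
The `<network-interface>` segment of the URL in step 3 is caller-controlled, so it should be validated before it reaches a `tcpdump` that holds capture privileges. The following is an added example, not code from the kapow repository: `valid_iface` and `capture` are hypothetical names, and it assumes the handler passes the segment to `tcpdump -i` on Linux (how `tcpdump.pow` reads the segment is not shown on this page).

```shell
#!/bin/sh
# Added example: validate an interface name taken from the request path
# before handing it to tcpdump. Function names are hypothetical.
LC_ALL=C; export LC_ALL   # make the A-Z / a-z ranges below byte-exact

# valid_iface NAME: succeed only for a plausible Linux interface name.
valid_iface() {
    name=$1
    # Linux limits interface names to 15 bytes (IFNAMSIZ - 1).
    [ -n "$name" ] && [ "${#name}" -le 15 ] || return 1
    case $name in
        -*)   return 1 ;;   # would be parsed by tcpdump as an option
        .|..) return 1 ;;   # not valid names, and unsafe in a path lookup
        *[!A-Za-z0-9_.:-]*) return 1 ;;   # '/', whitespace, anything else
    esac
    return 0
}

# capture NAME: stream a pcap of NAME to stdout, or refuse.
# Exit status 2 = malformed name, 3 = name is well-formed but not present.
capture() {
    valid_iface "$1" || { echo "rejected interface name" >&2; return 2; }
    # Only sniff interfaces that exist on this host (Linux sysfs).
    [ -e "/sys/class/net/$1" ] || { echo "no such interface" >&2; return 3; }
    # -U: flush per packet, -w -: write pcap to stdout, -i: interface
    tcpdump -U -w - -i "$1"
}
```

The route handler would call `capture` with the path segment and turn a non-zero status into an HTTP error instead of starting `tcpdump`.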