Showing posts with label Wireshark. Show all posts

Saturday, July 25, 2015

Capture packets from iOS devices on Mac OS with Wireshark

RVI (Remote Virtual Interface)

1. Connect your iOS device to a Mac with USB
2. Open Terminal and enter "rvictl -s deviceUUID" to start the remote virtual interface rvi0 for the device
3. Run Wireshark and start capturing packets on interface rvi0
4. Stop interface rvi0 by entering "rvictl -x deviceUUID"

PS. deviceUUID is the UUID of your iOS device

Tuesday, July 7, 2015

No interface available in Wireshark on Mac OS

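Change the permission to 644 on the BPF (Berkeley Packet Filter) devices in /dev/. Note that mode 644 makes the devices readable by every local account, so any user on the Mac can then capture traffic.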

sudo chmod 644 /dev/bpf*

or

Run whoami to find out your user name, then make that user the owner of the devices:

sudo chown yourname:admin /dev/bpf*

Then restart Wireshark!

Thursday, July 31, 2014

NIC checksum offload enable/disable

To enable/disable NIC checksum offload:

[Windows]
   . Go to Control panel -> Network and Internet -> Network and Sharing Center
   . Click "Change adapter settings"
   . Right click on the NIC and select "Properties"
   . Click "Configure" -> Advanced tab
   . You will find
        . UDP Checksum Offload (IPv4)
        . TCP Checksum Offload (IPv4)
        . IPv4 Checksum Offload
   . Enable or disable each option there.

Wednesday, July 30, 2014

Wireshark filter data in payload

. To filter packets with hex value "0xff 0x13" in payload

  frame contains ff:13
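
`frame contains` searches every byte of the frame, link-layer and IP headers included, not only the application payload. The sketch below is an added example, not part of the original post: it applies the same byte-sequence match to a classic-format pcap image and reports where in each frame the bytes were found. The sample frames are constructed, and the function names are hypothetical.

```python
import struct

ETH_HEADER_LEN = 14  # dst MAC + src MAC + EtherType

def parse_pattern(expr):
    """Convert Wireshark byte notation such as 'ff:13' to bytes."""
    return bytes(int(part, 16) for part in expr.split(":"))

def read_pcap(blob):
    """Yield (frame_number, frame_bytes) from a classic pcap file image."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(blob[:4])
    if endian is None:
        raise ValueError("not a classic microsecond-resolution pcap file")
    offset, number = 24, 0  # skip the 24-byte global header
    while offset + 16 <= len(blob):
        # Record header: ts_sec, ts_usec, incl_len, orig_len (4 bytes each)
        incl_len = struct.unpack_from(endian + "I", blob, offset + 8)[0]
        frame = blob[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            raise ValueError("truncated packet record")
        offset += 16 + incl_len
        number += 1
        yield number, frame

def frame_contains(blob, expr):
    """Return (frame_number, offset, region) for each frame holding the bytes."""
    needle = parse_pattern(expr)
    hits = []
    for number, frame in read_pcap(blob):
        pos = frame.find(needle)
        if pos != -1:
            region = "eth-header" if pos < ETH_HEADER_LEN else "after-eth-header"
            hits.append((number, pos, region))
    return hits

def build_sample_pcap():
    """Constructed sample data: three Ethernet frames, little-endian pcap."""
    frames = [
        bytes.fromhex("020000000002" "020000000001" "0800" "0102ff1304"),
        bytes.fromhex("020000000002" "020000000001" "0800" "0102030405"),
        bytes.fromhex("02000000ff13" "020000000001" "0800" "0000000000"),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for frame in frames:
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    for hit in frame_contains(build_sample_pcap(), "ff:13"):
        print("frame %d: match at byte %d (%s)" % hit)
```

The third constructed frame matches only because its destination MAC address ends in ff:13, which is the kind of hit to rule out when the filter is meant to find payload data.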

Check clients which connect to Mac OS X Wi-Fi Internet Sharing

arp -i bridge100 -a

bridge100 may be different on your Mac OS X