Presentation is loading. Please wait.

Presentation is loading. Please wait.

Developer Lightening Talks

Published byHadi Darmadi Modified over 6 years ago

Similar presentations

Presentation on theme: "Developer Lightening Talks"— Presentation transcript:

1 Developer Lightening Talks

2 What is this? Talking about things we like
This is an open-discussion course Ask us!

3 Agenda 1/2 Extcap – Just a short overview Sniffing the Thingy
Capture using a netlink interface

4 Agenda 2/2 SSL Tips / Tricks Future of Wireshark

5 Extcap – Just a short overview

6 If the packets won’t come to Wireshark
Wireshark will go to the packets

7 Usage Scenarios Data residing on a different network environment
Data not being „networky“ at all System events and logs RF environments

8 Pipes to the rescue dumpcap understands pipes Easy right?

9 What can go wrong Restart / Start / Stop Broken pipe / Broken rights
Windows Configuration means restart

10 extcap external capture interface
First presented at SharkFest US‘13 by Mike Kershaw and Mike Ryan Wireshark-Beyond-Ethernet-and-Network-Interfaces_Kershaw-Ryan.pdf Part of Wireshark since 2.0 Mission statement: Utilize the pipe interface and make a nice gui for it

11 extcap features Start / Stop / Restart capture from interface
Handle interface configuration Handle runtime control

12 Capture Provide a list of interfaces Provide a list of Configs
Macbook:extcap rknall$ ./extcap_example.py --extcap-interfaces extcap {version=1.0}{help= extcap interface} interface {value=example1}{display=Example interface 1 for extcap} interface {value=example2}{display=Example interface 2 for extcap} Macbook:extcap rknall$ ./extcap_example.py --extcap-interface example1 --extcap-config arg {number=0}{call=--delay}{display=Time delay}{tooltip=Time delay between packages}{type=integer}{range=1,15}{default=5} arg {number=1}{call=--message}{display=Message}{tooltip=Package message content}{type=string}{required=true}{placeholder=Please enter a message here ...} ...

13 Interface Configuration
Various options Text, Integer, Bool, IP Addresses, Passwords (hashed), Date/Time, Files, Radio, Dropdown, Multicheck (parent dependency) Check for Ranges or with RegExp Mandatory fields

14 Interface Configuration (2)
Parameter get‘s stored Restore to defaults possible Help provided via website or local link

15 Interface configuration (3)
Reload functionality (WS 3.0) Reload calls extcap with all filled out parameters

16 Control while running Create a toolbar for your interface
Live control your capture and change settings Button, Text, Selector, Boolean, Help and Log

17 Where to go next?

18 extcap_example.py Python 2.7/3.x driven example
Implements all configuration options Implements all control options

19 Locate the extcap Folder in Wireshark/Help
Only global folders available Copy extcap_example.py there

20 Windows Users Create batch script for execution
Command Execution does not evaluate shell scripts Example in the header of extcap_example.py

21 Adapt the example Let‘s take a look at def extcap_capture(...)
Creates a pcap header Encapsulates data in pcap block

22 C-Based extcap Alternative: c-based extcap utility extap/extcap-base.h
Handles all extcap managment stuff for you Ensures correct and working extcap arguments extcap/ssh-base.h Handles ssh connections

23 Sniffing a thingy

24 Capture using a netlink interface

25 Wireshark and Capture Wireshark is like the microscope.
Allows you to zoom in to the bit level of a frame. Making a capture is like taking a tissue sample. You don’t use a microscope for that!

26 Linux capture (network)
Capture is a privileged operation. There need to be privileges assigned to the process. In Linux this can be handled through Capabilities. Capabilities are added to files in the filesystem. Processes launched from the file get these Capabilities. /sbin/setcap cap_net_raw,cap_net_admin=eip dumpcap

27 Linux capture (USB) Capture needs an interface.
Load kernel module usbmon. /sbin/modprobe usbmon Grant the user read access rights to the device. setfacl -m u:$USER:r /dev/usbmon*

28 Linux capture (netlink)
Capture needs an interface. Load kernel module nlmon. /sbin/modprobe nlmon Create a network interface for it. ip link add type nlmon ip link set nlmon0 up

29 SSL Tips / Tricks

30 Future of Wireshark

Download ppt "Developer Lightening Talks"

Similar presentations

Configuring APACS & AAN Controllers

Configuring APACS & AAN Controllers
Managing Cisco IOS Software. Overview The router boot sequence Locating IOS software The configuration register Recovering Passwords Backing Up the Cisco.

Managing Cisco IOS Software. Overview The router boot sequence Locating IOS software The configuration register Recovering Passwords Backing Up the Cisco.
DSX / Video Insight Driver Interface. Prerequisites for Video Insight DVR: 64 Bit Operating System (Windows 7 or equivalent) SQL Server 2008 R2 (Please.

DSX / Video Insight Driver Interface. Prerequisites for Video Insight DVR: 64 Bit Operating System (Windows 7 or equivalent) SQL Server 2008 R2 (Please.
1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.

1 Dynamic DNS. 2 Module - Dynamic DNS ♦ Overview The domain names and IP addresses of hosts and the devices may change for many reasons. This module focuses.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.
Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.

Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.
Using Eclipse. Getting Started There are three ways to create a Java project: 1:Select File > New > Project, 2 Select the arrow of the button in the upper.

Using Eclipse. Getting Started There are three ways to create a Java project: 1:Select File > New > Project, 2 Select the arrow of the button in the upper.
Calendar Browser is a groupware used for booking all kinds of resources within an organization. Calendar Browser is installed on a file server and in a.

Calendar Browser is a groupware used for booking all kinds of resources within an organization. Calendar Browser is installed on a file server and in a.
Linux Boot Up Process Bootstrapping –Bootstrapping is the standard term for “ starting up a computer”. During bootstrapping, the kernel is loaded into.

Linux Boot Up Process Bootstrapping –Bootstrapping is the standard term for “ starting up a computer”. During bootstrapping, the kernel is loaded into.
Chapter Apache Installation in Linux- Mandrake. Acknowledgment The following information has been obtained directly from www.mandrake.com www.mandrake.com.

Chapter Apache Installation in Linux- Mandrake. Acknowledgment The following information has been obtained directly from
Security SIG: Introduction to Tripwire Chris Harwood John Ives.

Security SIG: Introduction to Tripwire Chris Harwood John Ives.
27-Jun-15 Rails. What is Rails? Rails is a framework for building web applications This involves: Getting information from the user (client), using HTML.

27-Jun-15 Rails. What is Rails? Rails is a framework for building web applications This involves: Getting information from the user (client), using HTML.
Snippet Management The following screens demonstrate how to: 1. Access and view snippets 2. Create a local standard snippet, or a local class snippet 3.

Snippet Management The following screens demonstrate how to: 1. Access and view snippets 2. Create a local standard snippet, or a local class snippet 3.
Ch. 5 – Access Points. Overview Access Point Connection.

Ch. 5 – Access Points. Overview Access Point Connection.
Hacking the Bluetooth Pairing Authentication Process Graduate Operating System Mini Project Siyuan Jiang and Haipeng Cai.

Hacking the Bluetooth Pairing Authentication Process Graduate Operating System Mini Project Siyuan Jiang and Haipeng Cai.
Eucalyptus Virtual Machines Running Maven, Tomcat, and Mysql.

Eucalyptus Virtual Machines Running Maven, Tomcat, and Mysql.
ECE 424 Embedded Systems Design Networking Connectivity Chapter 12 Ning Weng.

ECE 424 Embedded Systems Design Networking Connectivity Chapter 12 Ning Weng.
Module 4: Add Client Computers and Devices to the Network.

Module 4: Add Client Computers and Devices to the Network.
Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.

Switch Concepts and Configuration and Configuration Part II Advanced Computer Networks.
System Administration and Basic Functionality Version 4.0 – September 2007 Q-Advisor Quick Start.

System Administration and Basic Functionality Version 4.0 – September 2007 Q-Advisor Quick Start.

Similar presentations

Ads by Google