
Thread: Wireshark not capturing correctly in BT5 VM

  1. #1
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    2

    Wireshark not capturing correctly in BT5 VM

    Hello, I am using a VM of 32-bit BackTrack 5. I am using a USB Wi-Fi card (zd1211rw) and managed to get it running properly.
    But I am having some trouble capturing live packets in Wireshark:
    I am not able to capture HTTP packets of other devices on the network. Almost only packets originating from and to the VM are captured.

  2. #2
    Just burned his ISO bsmartt's Avatar
    Join Date
    Dec 2010
    Location
    /dev/null/
    Posts
    7

    Re: Wireshark not capturing correctly in BT5 VM

    Did you put your wireless card into promiscuous mode?

  3. #3
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    2

    Re: Wireshark not capturing correctly in BT5 VM

    Yes, it is in promiscuous mode.
    Did anyone capture packets using Wireshark running in a VM?

  4. #4
    Just burned his ISO
    Join Date
    Sep 2011
    Posts
    5

    Re: Wireshark not capturing correctly in BT5 VM

    I am also having the same problem; it's because of the USB wireless card.

    Can anyone tell me how to put the card in promiscuous mode? I used airmon-ng to put it in monitor mode but I don't think I get all the HTTP headers right.

    Thanks

  5. #5
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Re: Wireshark not capturing correctly in BT5 VM

    I don't regularly use Wireshark to capture packets, but I seem to recall a checkbox in Wireshark, under the device, that says "promiscuous mode". If you keep having trouble with Wireshark, I'd try a different tool for packet capture.
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

  6. #6
    Just burned his ISO
    Join Date
    Nov 2011
    Posts
    2

    Re: Wireshark not capturing correctly in BT5 VM

    You have a little work to do.

    You will need to learn how to put your "CARD" into monitor mode.

    This link should have enough to get you started.

    http://www.willhackforsushi.com/books/377_eth_2e_06.pdf

    Side note: if I gotta put in those letters every time I post, this will be my only post.

  7. #7
    Good friend of the forums gunrunr's Avatar
    Join Date
    Jan 2010
    Location
    shining my spoon
    Posts
    265

    Re: Wireshark not capturing correctly in BT5 VM

    Nah, after a couple of posts the captcha bails on you because it knows you aren't a bot.
    Wielder of the spoon of doom
    Summercon, Toorcon, Defcon, Bsides, Derbycon, Shmoocon oh my
    Come hang out with hackers on twitter @gunrunr556

  8. #8
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Re: Wireshark not capturing correctly in BT5 VM

    Quote, originally posted by argool:
        Hello, I am using a VM of 32-bit BackTrack 5. I am using a USB Wi-Fi card (zd1211rw) and managed to get it running properly.
        But I am having some trouble capturing live packets in Wireshark:
        I am not able to capture HTTP packets of other devices on the network. Almost only packets originating from and to the VM are captured.

    Wireless card must be in monitor mode in order to be able to capture packets not meant for your wireless card.
    Last edited by Snayler; 11-07-2011 at 05:24 AM.

  9. #9
    Just burned his ISO
    Join Date
    Nov 2011
    Posts
    2

    Re: Wireshark not capturing correctly in BT5 VM

    Quote, originally posted by argool:
        Hello, I am using a VM of 32-bit BackTrack 5. I am using a USB Wi-Fi card (zd1211rw) and managed to get it running properly.
        But I am having some trouble capturing live packets in Wireshark:
        I am not able to capture HTTP packets of other devices on the network. Almost only packets originating from and to the VM are captured.

    I have been tinkering with Linux for a few years. I cannot really spend that much time with it. I work online doing configuration support for a secure proxy service (Windows-based), so my knowledge base is limited and commensurate to the time I can devote to it.

    I have the utmost regard and respect for the true Linux people (not some noob like me) who have devoted so much time and effort helping others venturing into the world of Linux.

    Anyways, what I have found out is everything is relative. Everything depends on your flavor and version of a Linux distro.

    BT is no exception. This carries over into computers, hardware and everything else you can list.


    Some of this tinkering I do is on a Toshiba Satellite p105-s6024 with the awus036h.

    On the Toshiba I have Ubuntu 10.10 sharing a dual boot with WinXP, and I have BT3 and BT5, with both of those in a VMWorkstation environment on the WinXP.



    This is an example for WEP:


    This has worked best for me on Ubuntu 10.10, with varying degrees of success on BT3 and BT5 in the VM environment.

    Configure Wireshark for 802.11 and enter the WEP key.

    To configure Wireshark go to Edit > Preferences > Protocols, selecting 802.11, clicking Apply, scrolling down to IEEE, entering the WEP key and clicking Apply.

    From a Terminal:

    iwconfig wlan0 channel X    (X being the channel of the ESSID / LAN you are connected to)

    airmon-ng start wlan0    (creates mon0 in monitor mode)

    Open Wireshark and sniff on mon0.
    Last edited by williameboley; 11-09-2011 at 05:13 PM.
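
Added example, not part of any post in this thread: a shell check for the promiscuous-versus-monitor distinction the replies turn on, reading the link-layer type Linux exposes in sysfs before a capture is started. `capture_scope` and `SYSFS_NET` are names made up for this example; `wlan0` and `mon0` are the interface names used in post #9.

```shell
#!/bin/sh
# Added example (not from the thread). Classifies an interface by the
# link-layer type the Linux kernel exposes in /sys/class/net/<iface>/type:
#   1   ARPHRD_ETHER              managed-mode Wi-Fi or wired Ethernet
#   801 ARPHRD_IEEE80211          monitor mode, bare 802.11 headers
#   802 ARPHRD_IEEE80211_PRISM    monitor mode, Prism headers
#   803 ARPHRD_IEEE80211_RADIOTAP monitor mode, radiotap headers
# SYSFS_NET is a hypothetical override added here so the function can be
# pointed at a constructed directory tree instead of the live system.

capture_scope() {
    iface=$1
    type_file="${SYSFS_NET:-/sys/class/net}/$iface/type"
    if [ ! -r "$type_file" ]; then
        echo "missing"          # no such interface (e.g. mon0 not created yet)
        return 0
    fi
    ll_type=$(cat "$type_file")
    case "$ll_type" in
        # Raw 802.11 frames: traffic of other stations on the channel is visible.
        801|802|803) echo "monitor" ;;
        # Ethernet-style frames: only this host's traffic plus broadcast and
        # multicast, which matches the symptom in post #1.
        1)           echo "own-traffic" ;;
        *)           echo "unknown" ;;
    esac
}

# Stand-alone use: ./capture_scope.sh wlan0 mon0
for i in "$@"; do
    printf '%s: %s\n' "$i" "$(capture_scope "$i")"
done
```

An interface that reports `own-traffic` will show the behaviour described in post #1 even with Wireshark's promiscuous checkbox ticked.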
