login
« previous next »
Pages: 1   Go Down

Author Topic: da .ecp a .pcap  (Read 3066 times)

nogravity

  • Newbie
  • *
  • Posts: 23
    • View Profile
on: February 02, 2012, 01:09:12 PM
Ciao a tutti, non so se sia la sezione giusta, eventualmente spostate pure.

Come da titolo, esiste un tool per convertire i file di log di ettercap (appunto gli .ecp) in .pcap?

Il mio fine ultimo è quello di ottenere un file .pcap partendo dal log di ettercap per poi "darlo in pasto" a Xplico  :)

Grazie in anticipo


ZEROF

  • Hero Member
  • *****
  • Posts: 1247
    • View Profile
    • Pen Tester
Reply #1 on: February 02, 2012, 05:14:10 PM
And if you use option -w or --write <file>. Check with big brother (GOOGLE) Manual Reference Pages  - ETTERCAP ( 8 ).  8)


Quote
WRITE packet to a pcap file
This is useful if you have to use "active" sniffing (arp poison) on a switched LAN but you want to analyze the packets with tcpdump or ethereal. You can use this option to dump the packets to a file and then load it into your favourite application.
NOTE: dump file collect ALL the packets disregarding the TARGET. This is done because you may want to log even protocols not supported by ettercap, so you can analyze them with other tools.

TIP: you can use the -w option in conjunction with the -r one. This way you will be able to filter the payload of the dumped packets or decrypt WEP-encrypted WiFi traffic and dump them to another file.
« Last Edit: February 02, 2012, 05:17:38 PM by ZEROF »


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*

nogravity

  • Newbie
  • *
  • Posts: 23
    • View Profile
Reply #2 on: February 02, 2012, 05:55:55 PM
Thank ZEROF, it work fine!

I had looked at man ettercap but I had not read that section! :-)

Bye


Pages: 1   Go Up
« previous next »