da .ecp a .pcap

Started by nogravity, February 02, 2012, 01:09:12 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

nogravity

February 02, 2012, 01:09:12 PM
Ciao a tutti, non so se sia la sezione giusta, eventualmente spostate pure.

Come da titolo, esiste un tool per convertire i file di log di ettercap (appunto gli .ecp) in .pcap?

Il mio fine ultimo è quello di ottenere un file .pcap partendo dal log di ettercap per poi "darlo in pasto" a Xplico  :)

Grazie in anticipo

ZEROF

#1
February 02, 2012, 05:14:10 PM Last Edit: February 02, 2012, 05:17:38 PM by ZEROF
And if you use option -w or --write <file>. Check with big brother (GOOGLE) Manual Reference Pages  - ETTERCAP ( 8 ).  8)


QuoteWRITE packet to a pcap file
This is useful if you have to use "active" sniffing (arp poison) on a switched LAN but you want to analyze the packets with tcpdump or ethereal. You can use this option to dump the packets to a file and then load it into your favourite application.
NOTE: dump file collect ALL the packets disregarding the TARGET. This is done because you may want to log even protocols not supported by ettercap, so you can analyze them with other tools.

TIP: you can use the -w option in conjunction with the -r one. This way you will be able to filter the payload of the dumped packets or decrypt WEP-encrypted WiFi traffic and dump them to another file.

Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*

nogravity

#2
February 02, 2012, 05:55:55 PM
Thank ZEROF, it work fine!

I had looked at man ettercap but I had not read that section! :-)

Bye
Print
Go Up Pages1
User actions