Wireshark is a complete package filled with network analysis tools. Wireshark is not only a packet sniffer but also a packet analyzer, password hacker, and a firewall. It can also detect any denial of service attack on your network and can identify a possible hacker. Wireshark is also sometimes used as a tool to detect if anyone is spying on you.
In this Wireshark Hacking tutorial, we will discuss how Wireshark can be used in multiple ways. As already discussed, Wireshark can be used to capture and detect passwords as well as to secure your network from outside intruders. So let's start with our Wireshark tutorial.
Wireshark is available free of cost. You can download Wireshark from its official website by clicking here. For Linux or Ubuntu users, you can find Wireshark packages on the above link of its homepage. After downloading Wireshark, install it on your system and launch the application.
Wireshark Hacking tutorial:
1: Capturing Packets:
First of all, we will learn to capture packets with Wireshark. After downloading and installing Wireshark, launch the application. Click the name of an interface in the Interface list as shown below. The Interface list contains your network adapters. If you are connected to WiFi, select a Wireless LAN adapter.
After selecting an interface name, you can see the packets starting to show on your screen. These packets are being captured by Wireshark in real time. You can stop packet capturing by clicking on the Stop button (a big red square button in the top left corner).
These packets are being captured from your network device. That means that these packets belong to you and are coming into or going out of your system. To capture the packets of other users connected to your wireless network, enable promiscuous mode in your capture options.
Note: You can also see different color coding on your captured packets. These packets are color coded by default. For example: green is TCP traffic, dark blue is DNS traffic, light blue is UDP traffic, and black is TCP packets with problems. You can also add your custom color code by editing coloring mode in the menu.
You can save these captured packets for later use. To save a packet, click on File and go to Export Packet Dissections. To open a packet file, go to the main page and click on Open.
2: Filtering Packets:
Filtering is used to identify a specific packet. For example, you can filter the traffic received by your browser or from an application. You can also filter packets going through protocols such as DNS, HTTP or TCP.
You can also right-click on a packet and select Follow TCP Stream. This will automatically add a filter for that packet and Wireshark will show all the packets related to it.
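To see what a protocol filter such as dns, http or tcp selects from a saved capture, here is an added example (not part of the original tutorial and not Wireshark's own code) that reads a classic pcap file and lists the packet numbers matching a filter name. The function names, the constructed SAMPLE capture with 192.0.2.x addresses, and the port-based guess for DNS and HTTP are assumptions; Wireshark itself decides with its protocol dissectors.

```python
import struct

def frame(proto, sport, dport, payload=b""):  # constructed Ethernet + IPv4 frame, checksums left 0
    if proto == 6:  # 20-byte TCP header, data offset 5, ACK flag
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x10, 8192, 0, 0)
    else:           # 8-byte UDP header
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 0, 0,
                     64, proto, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 53]))
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + l4 + payload

def build_pcap(frames):  # 24-byte global header, then a 16-byte header per packet
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for n, f in enumerate(frames):
        out += struct.pack("<IIII", n, 0, len(f), len(f)) + f
    return out

def read_pcap(data):
    if data[:4] != b"\xd4\xc3\xb2\xa1":
        raise ValueError("not a little-endian classic pcap file")
    off = 24
    while off + 16 <= len(data):
        incl = struct.unpack_from("<I", data, off + 8)[0]  # captured length
        yield data[off + 16:off + 16 + incl]
        off += 16 + incl

def layers(f):  # protocol layers found in one frame (port heuristic for dns/http)
    found = {"eth"}
    if len(f) < 34 or f[12:14] != b"\x08\x00":
        return found
    found.add("ip")
    ihl, proto = (f[14] & 0x0F) * 4, f[23]
    l4 = f[14 + ihl:14 + struct.unpack_from("!H", f, 16)[0]]  # trims Ethernet padding
    if proto not in (6, 17) or len(l4) < (20 if proto == 6 else 8):
        return found
    found.add("tcp" if proto == 6 else "udp")
    sport, dport = struct.unpack_from("!HH", l4)
    hdr = (l4[12] >> 4) * 4 if proto == 6 else 8
    if len(l4) > hdr:  # application payload present
        if 53 in (sport, dport): found.add("dns")
        if proto == 6 and 80 in (sport, dport): found.add("http")
    return found

def display_filter(data, name):  # 1-based packet numbers, like the "No." column
    return [n for n, f in enumerate(read_pcap(data), 1) if name in layers(f)]

SAMPLE = build_pcap([  # constructed capture, not real traffic
    frame(17, 50000, 53, b"\x12\x34" + b"\x00" * 10), frame(6, 50001, 80),
    frame(6, 50001, 80, b"GET / HTTP/1.1\r\n\r\n"), frame(17, 50002, 123, b"\x23" + b"\x00" * 47),
    frame(6, 50003, 443, b"\x16\x03\x01")])
```

Note that the tcp filter also returns the HTTP packet, because a filter matches every packet that contains that protocol layer, while the empty TCP segment on port 80 is not listed under http.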
3: Inspecting Packets:
Inspecting a packet helps you to analyze its details. This will let you know the origin of the packet and other details. To do so, click on a packet to select it and its details will be shown.
Right-click on any packet that looks important and select filter. This will show you all the related packets that have been captured.
This is just a basic Wireshark Hacking tutorial in which we discussed capturing, filtering and analyzing packets. With Wireshark, you can secure your network, hack a network and even implement different network protocols.
by· Published April 20, 2016 · Updated May 6, 2016