\Wireshark.exe "path-to-file-being-downloaded", wireshark starts with the content of the file, but complains it is "cut short in the middle of a packet".
Get-Content "path-to-file-being-downloaded" -wait will give me a tail -f like view on some gibberish that seems to represent the content of a pcap file. \Wireshark.exe -i - (without "-wait"), Wireshark will start without opening a file, thus does not seem to see the piped input. If I do Get-Content "path-to-file-being-downloaded" |. I guess this is because the pipe is sending an object, not a stream. Get-Content "path-to-file-being-downloaded" -wait |. The following does not work (with the PowerShall-almost-equivalent of tail -f): I want to see that file live in wireshark.exe as well, similar to the linux variant above. I believe the fritzbox router is using tcpdump internally, streaming the output as file down to my local windows downloads folder). It's a live capture from a Chrome session to being streamed to my downloads folder. So I have a pcap file that is being constantly filled with data. The target machine (AVM Fritzbox) does not have ssh or telnet (not anymore). Both works fine, as long as I have access to a shell and tcpdump. I can also start from a windows machine to a linux machine that has tcpdump installed: plink.exe -ssh -pw password "tcpdump -ni any -s 0 -w - not port 22" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i. On linux, I can capture a pcap file on another host with tcpdump and pipe it back to wireshark on the local machine for a live capture experience: ssh host sudo tcpdump -iany -U -s0 -w - 'not port 22' | wireshark-gtk -k -i. This is probably less a wireshark question and more a "how do I pipe a file into an application" on windows.
0 kommentar(er)
