Free, complete & cool packet sniffer for Unix-like systems
blacklight/tcpsmash
============================
0. Table of contents
============================

1. Description
2. Requirements
3. Installation
4. Usage
   4.1. tcpsmash
   4.2. nctcpsmash
5. Author
6. Licence

============================

1. Description

tcpsmash is an application designed to capture packets on a network interface
and show, on standard output or in a log file, the content of each packet and
info about the source/dest IP and source/dest port.

nctcpsmash is a pseudo-graphical interface to tcpsmash developed using the
NCurses library.

2. Requirements

In order to be compiled, the application needs

- A Linux-based system
- GCC compiler
- PCAP libraries (http://www.tcpdump.org/pcap.htm)
- NCurses (for nctcpsmash, on Debian-like distros do
  `apt-get install ncurses-devel' )
- GC garbage collector, to free unused and allocated memory and prevent memory
  leaks (if you do not have GC installed or want to build (nc)tcpsmash without
  GC support, build it via `make HAS_GC= LDGC=' )

3. Installation

goto -> INSTALL

4. Usage

4.1. tcpsmash

Usage: tcpsmash [-h] [-l] [-n] [-v] [-q] [-D] [-f "<string>"] [-C "<string"] [-w <logfile>] [-F <logfile>] [-c <count>] -i <interface>

    -n              Do not use promiscuous mode (default mode for tcpsmash)
    -h              Print this help and exit
    -l              Show the active network interfaces
    -q              Generate quick output, with a tcpdump-like flavour
    -D              Dump each packet on output, without printing additional info
    -v              Print info about the version of the program
    -w logfile      Write the output to a log file in binary format. The file
                    will be then read using -F option
    -F logfile      Read packets from a dump file previously created by using
                    -w <logfile>
    -c count        Only capture "count" packets and exit
    -f "<string>"   Use a filter string on the packets in BPF format, i.e.
                    "tcp dst port 80"
    -C "<string>"   Only capture packets containing "string" in any part of
                    them (headers, application contents...), i.e. "password:"
                    You can also specify a regex with this option, between /
                    and /, i.e. -C "/password:\s*[a-z]+/"
    -i interface    Choose a network interface to sniff

4.2. nctcpsmash

Usage: nctcpsmash [-h] [-n] [-v] [-f "<string>"] [-C "<string"] [-c <count>] [-i <interface>]

    -h              Print this help and exit
    -v              Print info about the version of the program
    -c count        Only capture "count" packets and exit
    -f "<string>"   Use a filter string on the packets in BPF format, i.e.
                    "tcp dst port 80"
    -C "<string>"   Only capture packets containing "string" in any part of
                    them (headers, application contents...), i.e. "password:".
                    You can also specify a regex with this option, between /
                    and /, i.e. -C "/password:\s*[a-z]+/"
    -i interface    Choose a network interface to sniff

Commands:

    Up/Down arrow:      select previous/next packet
    Left/Right arrow:   goto first/last packet
    Page up/down:       show previous/next page
    ENTER:              show info about selected packet
    h:                  show this help
    w:                  write dumped traffic to a logfile, to be examined
                        using tcpsmash -F logfile
    s:                  pause traffic sniffing
    r:                  resume traffic sniffing when paused
    q:                  quit (nc)tcpsmash
    t:                  if a TCP packet is selected, this command highlights
                        the TCP stream the packet belongs to
    T:                  toggle between HEX/ASCII view for the contents of
                        sniffed packets
    / search_pattern | regex:
                        highlight (in red) packets containing specified string
                        or regex. To specify a string, just write it. To
                        specify a regex, include it between / and /
                        -> /this is a regex/

5. Author

BlackLight
Email: <blacklight@autistici.org>
Web: <http://blacklight.gotdns.org>

6. Licence

Both tcpsmash and nctcpsmash are released under GPL licence, version 3.0.
goto -> LICENCE for more details.
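The -C selection rule from section 4, as an added example (not tcpsmash's own code): a pattern wrapped in / and / is treated as a regex, anything else as a literal substring, and the match runs over the whole packet, headers included. Case-sensitive matching, Python's `re` dialect, the function names and the sample frames are assumptions made for this illustration.

```python
import re

def compile_content_filter(arg: str):
    """Return a predicate over raw packet bytes for a -C style argument.

    Assumed semantics (taken from the README text only): /.../ is a regex,
    anything else is a literal substring; matching is case-sensitive.
    """
    if len(arg) >= 2 and arg.startswith("/") and arg.endswith("/"):
        body = arg[1:-1]
        if not body:
            raise ValueError("empty regex between / and /")
        try:
            # Compile as a bytes pattern: packets are binary, not text.
            rx = re.compile(body.encode("latin-1"))
        except re.error as exc:
            raise ValueError(f"bad regex {body!r}: {exc}") from exc
        return lambda pkt: rx.search(pkt) is not None
    if not arg:
        raise ValueError("empty pattern")
    needle = arg.encode("latin-1")
    return lambda pkt: needle in pkt

# Constructed sample frames: 4 placeholder header bytes + application data.
HDR = b"\x45\x00\x00\x28"
PACKETS = [
    HDR + b"USER alice\r\n",
    HDR + b"password: hunter\r\n",
    HDR + b"password:   \r\n",          # keyword present, no value after it
    HDR + b"Password: Secret1\r\n",     # different case
    HDR + b"\x17\x03\x03\x00\x20" + bytes(range(0x80, 0xA0)),  # opaque record
]

def select(arg, packets=PACKETS):
    """Indexes of the packets a -C style pattern would keep."""
    match = compile_content_filter(arg)
    return [i for i, pkt in enumerate(packets) if match(pkt)]

if __name__ == "__main__":
    for pattern in ("password:", r"/password:\s*[a-z]+/", r"/\x45\x00/"):
        print(f"{pattern!r:28} -> packets {select(pattern)}")
```

The literal form keeps both `password:` frames, the regex form keeps only the one carrying a value, and a pattern that happens to occur in header bytes keeps every frame, which is why a content filter is usually paired with a BPF filter (-f).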