This Wireshark dissector is made to parse the HydraNFC sniffing tool output. See the original project: HydraNFC HydraBus.
To support this dissector, a .pcap file format output has been added to the hydrabus fw besides the .txt output.
Note that at this moment it's not yet available in the main trunk of hydraBus but on a specific branch available at: https://github.com/NicoHub/hydrafw/tree/pcap-output
The .pcap file enable to:
- display information more clearly than the simple .txt;
- decode and analyze data having been sniffed in raw format;
- check some data, as the CRC, to be sure sniffed data have been well recorded without error;
##Installation Wireshark has an embedded Lua interpreter since version 0.99.4. In some older versions Lua was available as a plugin. To see if your version of Wireshark supports Lua, go to:
- help menu
- About Wireshark
- Wireshark tab
- look for Lua in the "Compiled with" paragraph.
####How to add this plugin on Wireshark:
#####Method 1: add the Lua file on the global or personal Wireshark plugins directory. These folders are listed in Wireshark:
- help menu
- About Wireshark
- Folders tab
Then, the dissector file should appear on the plugins list:
- help menu
- About Wireshark
- Plugins tab
#####Method 2: add the Lua file to any folder Edit the file Wireshark\init.lua
- Verify this line:
disable_lua = false - And add this line at the end of the file (
DATA_DIRis the dir where the dissector actually is):dofile(DATA_DIR.."rfid.lua")
#####Method 3: loading the dissector directly from the command line
Use the argument -X lua_script:rfid.lua
Example: wireshark -r rfid_capture.pcap -X lua_script:fileshark_pcap.lua
####How to configure wireshark to take it into account: To let Wireshark know 14443-A as new dissector, you have to follow these steps:
- click on Edit
- click on Preferences
- choose Protocols on the tree on the left
- choose the DTL_USER protocol
- click on Edit...
- click on New and configure it as follow:
