-
Notifications
You must be signed in to change notification settings - Fork 14k
Sanitizing PCAPs
h00die edited this page Dec 19, 2021
·
2 revisions
Before submitting a pcap to [email protected], you may choose to sanitize it. Mainly, you'll want to change the mac addresses and IP addresses.
tcprewrite can be used to change the IP and MAC addresses. The following command will take care of both of those: tcprewrite --seed=<int> --infile=<infile> --outfile=<outfile> --dlt=enet --enet-dmac=<dmac> --enet-smac=<smac>
-
seedis used to seed changes to IP address. Pick a number for here,111is acceptable. -
dltfixes an error:dlt_linux_ssl plugin does not support packet encoding -
enet-dmacfixes the destination mac.00:00:00:00:00:00works -
enet-smacfixes the source mac.11:11:11:11:11:11works
- Home Welcome to Metasploit!
- Using Metasploit A collection of useful links for penetration testers.
-
Setting Up a Metasploit Development Environment From
apt-get installtogit push. - CONTRIBUTING.md What should your contributions look like?
- Landing Pull Requests Working with other people's contributions.
- Using Git All about Git and GitHub.
- Contributing to Metasploit Be a part of our open source community.
- Meterpreter All about the Meterpreter payload.