Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

answered 2025-06-17 09:06:44 +0000

Guy Harris gravatar image

Presumably that's Alex Taradov's (ataradov, with a "t" before "aradov") USB sniffer.

As the GitHub page says

Pre-built binaries are provided for Linux and Windows.

and

To use with Wireshark, copy the file into the extcap plugin directory. Typical locations are ~/.local/lib/wireshark/extcap on Linux, and C:/Users/<user>/AppData/Roaming/Wireshark/extcap/ on Windows. The exact location is provided in the Help -> About Wireshark -> Folders -> Personal Extcap path.

so download it from the "Windows" link and install it in whatever directory shows up from the Wireshark window popped up for Help > About Wireshark; it'll be in the Folders pane, in the row that has "Personal Extcap path" in the first column. Put the program in that directory, and then start Wireshark with the sniffer device attached.

Presumably that's Alex Taradov's Taradov's (ataradov, with a "t" before "aradov") USB sniffer.

As the GitHub page says

Pre-built binaries are provided for Linux and Windows.

and

To use with Wireshark, copy the file into the extcap plugin directory. Typical locations are ~/.local/lib/wireshark/extcap on Linux, and C:/Users/<user>/AppData/Roaming/Wireshark/extcap/ on Windows. The exact location is provided in the Help -> About Wireshark -> Folders -> Personal Extcap path.

so download it from the "Windows" link and install it in whatever directory shows up from the Wireshark window popped up for Help > About Wireshark; it'll be in the Folders pane, in the row that has "Personal Extcap path" in the first column. Put the program in that directory, and then start Wireshark with the sniffer device attached.

Presumably that's Alex Taradov's (ataradov, with a "t" before "aradov") USB sniffer.

As the GitHub page says

Pre-built binaries are provided for Linux and Windows.

and

To use with Wireshark, copy the file into the extcap plugin directory. Typical locations are ~/.local/lib/wireshark/extcap on Linux, and C:/Users/<user>/AppData/Roaming/Wireshark/extcap/ on Windows. The exact location is provided in the Help -> About Wireshark -> Folders -> Personal Extcap path.

so download it from the "Windows" link and install it in whatever directory shows up from the Wireshark window popped up for Help > About Wireshark; it'll be in the Folders pane, in the row that has "Personal Extcap path" in the first column. Put the program in that directory, and then start Wireshark with the sniffer device attached.

ADDED:

supposed to work with wireshark. Installed an older wireshark 3.64

It may be able to capture with Wireshark 3.64, but it captures link-layer USB traffic rather than USB transactions, and Wireshark 3.x doesn't know how to dissect link-layer USB traffic. As the page for the sniffer says, "Note: You will need a recent version of Wireshark (v4.x.x). Older versions may not be able to decode USB payload, but should still show the raw data."

Presumably that's Alex Taradov's (ataradov, with a "t" before "aradov") USB sniffer.

As the GitHub page says

Pre-built binaries are provided for Linux and Windows.

and

To use with Wireshark, copy the file into the extcap plugin directory. Typical locations are ~/.local/lib/wireshark/extcap on Linux, and C:/Users/<user>/AppData/Roaming/Wireshark/extcap/ on Windows. The exact location is provided in the Help -> About Wireshark -> Folders -> Personal Extcap path.

so download it from the "Windows" link and install it in whatever directory shows up from the Wireshark window popped up for Help > About Wireshark; it'll be in the Folders pane, in the row that has "Personal Extcap path" in the first column. Put the program in that directory, and then start Wireshark with the sniffer device attached.

ADDED:

supposed to work with wireshark. Installed an older wireshark 3.64

It may be able to capture with Wireshark 3.64, but it captures link-layer USB traffic rather than USB transactions, and Wireshark 3.x doesn't know how to dissect link-layer USB traffic. As the page for the sniffer says, "Note: You will need a recent version of Wireshark (v4.x.x). Older versions may not be able to decode USB payload, but should still show the raw data."

However, the sniffer program to communicate with the card is 64-bit-only, so if you want to use that sniffer device on a 32-bit machine, you're out of luck - you won't be able to do it. You'll have to find some other form of hardware USB sniffer device that 1) is supported on 32-bit machines and 2) will produce captures that can be read and dissected by Wireshark versions for which there are 32-bit Windows binaries.