Ask Your Question
0

Editcap not found on mac osx

asked 2020-07-29 21:33:06 +0000

Tiger123 gravatar image

I am trying to use editcap on my mac, but the command is not found. How do I add this?

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2020-07-29 22:03:25 +0000

Guy Harris gravatar image

If you've installed Wireshark 3.2, make sure you installed the "Add Wireshark to the system path" package.

Then you'll need to open a new Terminal window - that won't affect existing windows.

edit flag offensive delete link more

Comments

I have Wireshark 3.2.5 on my mac. Where do I find that package?

Tiger123 gravatar imageTiger123 ( 2020-07-29 22:04:34 +0000 )edit

In the .dmg that you downloaded to install Wireshark 3.2.5. You may have to download it again; you won't need to drag-install Wireshark again, but you will need to double-click the "Add Wireshark to the system path" package to install it.

Guy Harris gravatar imageGuy Harris ( 2020-07-29 23:13:48 +0000 )edit

Oh I see. Thanks a lot. I am using the sample capture file from Wireshark, found here: https://wiki.wireshark.org/DTLS. The key log file provided (snakeoil-rsa.key) is an unsupported private key file, and the decryption will not work. Do I change this to a nss format? And if so, how would I do that?

Tiger123 gravatar imageTiger123 ( 2020-07-29 23:42:43 +0000 )edit

Are you looking specifically for DTLS test files or would regular TLS be ok?

Chuckc gravatar imageChuckc ( 2020-07-30 04:17:50 +0000 )edit

I am looking only to embed the keys into the pcap file (specifically this DTLS test file) to create one single pcapng file. Right now, the capture and the key come separately.

Tiger123 gravatar imageTiger123 ( 2020-07-30 05:06:53 +0000 )edit

Since Guy was able to help with installing Editcap, moving the keys discussion back to the original question "How do I add keys (that I already have) to a packet capture?"

Chuckc gravatar imageChuckc ( 2020-07-30 06:23:49 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2020-07-29 21:33:06 +0000

Seen: 2,095 times

Last updated: Jul 29 '20

Related questions

Filtering BLE source hides all results

name resolution

Decode G.722 on Mac

how to use editcap to split the btmon captured file

Wireless controls are not supported in this version of wireshark

How to switch Mac OS NIC to monitor mode during use internet

Error on Mac! Could not create profiles directory? Help!

How to fix "The capture session could not be initiated on interface" (You don't have permission to capture on that device)

Changing Interface Name via Editcap

Detect non-connected devices in range of WiFi (for counting purposes)

Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2