Sniffing on Windows 10 machine from a remote Linux machine

asked 2019-01-19 23:31:00 +0000

MiniMe

updated 2019-01-19 23:31:45 +0000

Hi guys

I used to do this using rpcapd, but that is not supported anymore. I tried to use the native sshdump support in Wireshark, but that did not work. I am also trying the below without much luck:

plink.exe -ssh -t -pw "xxxx" [email protected] "sudo dumpcap -P -i ens160 -s0 -w -" | "C:\Program Files\Wireshark\Wireshark.exe" -k -i -

I am not sure what is wrong. If I do not do the piping, I am asked for a password (I think it is the sudo password) and I see garbage (so it works). If I add the piping, then I think I am missing the prompt.

What am I doing wrong?
