Ask Your Question
0

Are elevated privileges required in Wireshark 3.0.0 on Windows?

asked 2019-03-14 16:12:24 +0000

caweakley gravatar image

updated 2019-03-14 20:58:50 +0000

Guy Harris gravatar image

Version 3.0.0 appears to be asking for elevated privileges when "finding local interfaces". We do not have this problem with version 2.6.6.

edit retag flag offensive close merge delete

Comments

Elevation shouldn't be required, what is your OS and capture library? Please post the contents (you can highlight and copy and paste) of the Wireshark -> Help -> About Wireshark -> Wireshark tab to give us the info.

grahamb gravatar imagegrahamb ( 2019-03-14 16:15:34 +0000 )edit

Here is the info:

Version 3.0.0 (v3.0.0-0-g937e33de) 

Copyright 1998-2019 Gerald Combs <[email protected]> and contributors. License GPLv2+: GNU GPL version 2 or later <http://www.gnu.org/licenses/old-licenses/gpl-2.0.html> This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 

Compiled (64-bit) with Qt 5.12.1, with WinPcap SDK (WpdPack) 4.1.2, with GLib 2.52.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.14.0, with Lua 5.2.4, with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.9, with QtMultimedia, with AirPcap, with SBC, with SpanDSP, with bcg729. 

Running on 64-bit Windows 10 ...
(more)
caweakley gravatar imagecaweakley ( 2019-03-14 16:40:39 +0000 )edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2019-03-14 16:46:07 +0000

grahamb gravatar image

You're running on Windows and using npcap (an older version at that) as can be seen from the output with Npcap version 0.99-r4.

You've probably checked an npcap install option to require elevated permissions to capture. To fix this, download the npcap installer (currently 0.99-r9) and when installing ensure the option to require admin privileges to capture is unchecked.

edit flag offensive delete link more

Comments

Thank you, this was helpful.

caweakley gravatar imagecaweakley ( 2019-03-14 19:34:08 +0000 )edit

If an answer has solved your issue, then please accept it by clicking the checkmark icon to the left of the answer. This informs other users with the same issue that this is a "good" answer.

grahamb gravatar imagegrahamb ( 2019-03-14 19:41:48 +0000 )edit
-1

answered 2019-03-15 09:15:46 +0000

Roger gravatar image

As far as I know, wireshark ask for elevated privileges. I guess to handle promiscuous mode.

edit flag offensive delete link more

Comments

This is incorrect. Wireshark does not require elevated privileges. The capture library, e.g. npcap may be configured to do so, but that is external to Wireshark.

On other OS's e.g. Linux\OS X, then other configuration steps may be required to allow non-root access capturing.

grahamb gravatar imagegrahamb ( 2019-03-15 10:53:47 +0000 )edit

You're right. I talking about defaults. And I like to limit this to elevated privileges. :)

Roger gravatar imageRoger ( 2019-03-18 11:31:30 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2019-03-14 16:12:24 +0000

Seen: 107 times

Last updated: Mar 15