search

JayTwoLab / wireshark-remote-command-win

Wireshark remote command for Windows :kr: 윈도우즈에서 와이어샤크를 이용한 원격 패킷 캡춰
https://jaytwolab.github.io/wireshark-remote-command-win/
MIT License
4 stars 2 forks source link

Error in Wireshark #1

Open esdee303 opened 4 years ago

esdee303 commented 4 years ago

Hello,

When executing the command file, Wireshark opens but it shows an error: "Data written to the pipe is neither in a supported pcap format nor in pcapng format."

libpcap is installed on the remote server, and it is possible to run a local tcpdump and store it in a *.pcap file. This file can be read by Wireshark.

Thx

j2doll commented 4 years ago

Dear @esdee303 It is probably the version difference of plink.exe.

https://ask.wireshark.org/question/14457/data-written-to-the-pipe-is-neither-in-a-supported-pcap-format-nor-in-pcapng-format/

New version has no -ssh option.

davidribyrne commented 4 years ago

This happens because plink is displaying "Access granted. Press Return to begin session." It can be fixed by using the -no-antispoof switch.