Intro

I am a Digital Forensics student studying at university in the UK. I also do some Cyber Security modules.
I am currently in my 2nd year.
I have mainly started this to post interesting things I have learned and problems I have encountered.
However, I will use it to do write-ups about useful things I want to remember, such as commands and tools I have used, so I don't forget them! (To be honest, I don't expect anyone to read this!)

Sunday 22 February 2015

Extract Zip File From Wireshark

So, I needed to extract a file from a network log file in Wireshark.
Never done it before. Only ever used the "Export Items" function in Wireshark for HTTP items.

I was playing around on Wireshark and actually came up with an answer without Googling!!! Yay me....:)

The item in question was transferred through FTP.
So I filtered for "ftp-data".
I found the right TCP stream, in this case 307, right-clicked it and chose "Follow TCP Stream".

The box came up. If you press Save As and then name the file "anything.zip", Wireshark will export that TCP stream as a zip file!
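A check worth running on the saved file, as an added example that is not part of the original post: it hashes the exported bytes for the case notes and confirms they really form a complete ZIP, which catches a capture that missed packets or a stream saved from a text view rather than Raw. The function names and the in-memory sample archive are constructed for illustration.

```python
import hashlib
import io
import zipfile
import zlib

LOCAL_HEADER = b"PK\x03\x04"  # signature at the start of a normal ZIP
EOCD = b"PK\x05\x06"          # end-of-central-directory signature


def check_exported_zip(data: bytes) -> dict:
    """Check bytes saved from a followed ftp-data stream (hypothetical helper)."""
    report = {
        "sha256": hashlib.sha256(data).hexdigest(),  # record for evidence notes
        "size": len(data),
        "starts_with_pk": data.startswith(LOCAL_HEADER),
        # EOCD is 22 bytes plus an optional comment of up to 65535 bytes
        "has_eocd": EOCD in data[-(22 + 65535):],
        "members": [],
        "valid": False,
        "error": None,
    }
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            bad = zf.testzip()  # reads every member and verifies its CRC-32
            if bad is not None:
                report["error"] = f"CRC mismatch in member {bad!r}"
            else:
                report["members"] = [(m.filename, m.file_size) for m in zf.infolist()]
                report["valid"] = report["starts_with_pk"]
    except (zipfile.BadZipFile, zlib.error) as exc:
        report["error"] = f"{type(exc).__name__}: {exc}"
    return report


def make_sample_zip() -> bytes:
    """Build a small archive in memory (constructed sample, not real evidence)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("notes.txt", "constructed sample content\n" * 20)
    return buf.getvalue()


if __name__ == "__main__":
    good = make_sample_zip()
    for label, blob in (("complete", good), ("truncated", good[:-30])):
        r = check_exported_zip(blob)
        print(label, r["valid"], r["has_eocd"], r["error"], r["sha256"][:16])
```

To check a real export, pass the bytes read from the saved file (for example "anything.zip" opened in binary mode) to `check_exported_zip`.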
