Of course, the easiest way to extract files from an SMB capture is to use Wireshark's File --> Export Objects --> SMB/SMB2 option. But I feel the first option is more fun :)
Friday 24 October 2014
Wireshark - How to carve out a File from an SMB Capture?
Just now made a mind map on one approach to extract a file from a SMB packet capture. Image is attached below:
Of course, the easiest way to extract files from an SMB capture is to use Wireshark's File --> Export Objects --> SMB/SMB2 option. But I feel the first option is more fun :)
Of course, the easiest way to extract files from an SMB capture is to use Wireshark's File --> Export Objects --> SMB/SMB2 option. But I feel the first option is more fun :)
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment