This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Capture Google Drive Upload?

0

As I know this far, I need to know which is the IP address of the google drive upload. But I can't find one. Is this correct way? Thank you.

asked 25 Jun '15, 07:31

Rommy's gravatar image

Rommy
6113
accept rate: 0%


2 Answers:

1
  1. Determine the IP address of your machine
  2. In Wireshark, select Capture / options
  3. Select the interface that connect to the LAN
  4. Enter the following capture filter: host <your-ip-address>
  5. Start capturing
  6. Go to Google drive and upload a file

You should only see traffic to/from your computer. Now find the TCP traffic to/from Internet. You can confirm by right-clicking on one of the packets and select "Follow TCP Stream" In the analysis screen, you should see "upload.docs.google.com"

answered 25 Jun '15, 08:18

Amato_C's gravatar image

Amato_C
1.1k142032
accept rate: 14%

1

Google drive is hosted in the Google CDN (1e100.net) and you will get different IPs for drive.google.com depending on the geographical region you are in. You can obviously resolve drive.google.com to get the IP address for your region and then capture traffic to that IP address. However the whole traffic to the google servers is encrypted (https). You will be able to see that something is being transmitted to the google servers, but you won't see what is being uploaded. If you need that, please take a look at Fiddler (or similar tools).

Regards
Kurt

answered 25 Jun '15, 08:21

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 25 Jun '15, 08:25

I don't know what to say. Thank you very much :)

(26 Jun '15, 05:17) Rommy

@ Rommy

I don't know which answer your comment, which I converted from an "answer" belongs to.

Can you please accept the answer that helped you most by clicking the checkmark icon by that answer. This also helps others with the same question later.

(27 Jun '15, 07:42) grahamb ♦