i was excited to hear that wireshark 2.0 has integrated with USBPcap which is a tool you can use to capture USB device traffic/activity, save as a pcap file and then open and analyse it in Wireshark. So i gave it a go, and sure enough, the option popped up during the install about installing usbpcap or using the one already pre-installed (i had toyed around with USBpcap before). So, logically, i was expecting that at least my active USB interfaces would be listed alongside my virtual and physical network interfaces but that was not the case. I looked around a bit more and did not find anything. So can anyone help me make it possible to configure wireshark to capture USB interface data/traffic by selecting the uSB interface from among the network interfaces? asked 20 Nov '15, 12:31  Bob Ross |
One Answer:
You need to install the new version of USBPcap bundled with Wireshark. So I recommend you to uninstall your previous USBPcap installation (1.0.07?) and reinstall Wireshark and selecting USBPcap 1.1.0.0-g794bf26 during the installation procedure. It will install a USBPcapCMD.exe compatible with Wireshark extcap interface in extcap subfolder of your Wireshark installation. Next time you start Wireshark, you will see USBPcap interfaces listed. answered 20 Nov '15, 14:21  Pascal Quantin |
thanks a lot! it worked!