Is there a straight forward way I can simply get a list of all the files that were downloaded during a Packet Capture session? e.g. Images, Videos, Files and so on? Thanks asked 25 Mar '17, 21:31  SirSwish |
One Answer:
You didn't specify the protocol used to download files. I guess you mean HTTP. If this is the case you can find a list of all captured requests in the "Statistics" -> "HTTP" -> "Requests" menu. If you're using another protocol (e.g. FTP) please add more details to your question. answered 26 Mar '17, 03:01  Uli |
Hi,
Sorry about lack of detail, I'm kind of a novice at Wireshark. I was looking for something that could comprehensively list every file that was downloaded no matter the protocol, but at the very least HTTP, so thanks very much for the tip! ;) Just a quick clarifier if I may, does this include items that were fetched via HTTPS. If not is there an equivalent function for HTTPS?
Thanks
You also can try networkminer for such a task.
Thanks for the tip Christian. Unfortunately, the traffic is 802.11 and is encrypted. I have not been able to successfully convert the encyrpted PCAP file to a decrypted PCAP file thus far. and I wasn't able to find any WPA decryption functionality native to Network Miner.