
Wireshark Overview

Wireshark is one of the world's foremost network protocol analyzers, and is the standard in many parts of the industry. It is the continuation of a project that started in 1998. Hundreds of developers around the world have contributed to it, and it is still under active development.

Wireshark has a rich feature set which includes the following:

  • Standard three-pane packet browser
  • Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
  • Multi-interface: Along with a standard GUI, Wireshark includes TShark, a text-mode analyzer which is useful for remote capture, analysis, and scripting
  • The most powerful display filters in the industry
  • VoIP analysis
  • Live capture and offline analysis are supported
  • Read/write many different capture file formats: tcpdump (libpcap), NAI's Sniffer (compressed and uncompressed), Sniffer Pro, NetXray, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX's iptrace, Microsoft's Network Monitor, Novell's LANalyzer, RADCOM's WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group's/WildPacket's EtherPeek/TokenPeek/AiroPeek, Visual Networks' Visual UpTime and many others
  • Capture files compressed with gzip can be decompressed on the fly
  • Hundreds of protocols are supported, with more being added all the time
  • Coloring rules can be applied to the packet list, which eases analysis

New

Vulnerabilities Fixed

  • Bazaar dissector infinite loop
  • DOF dissector read overflow
  • DHCP dissector read overflow
  • SoulSeek dissector infinite loop
  • DNS dissector infinite loop
  • DICOM dissector infinite loop
  • openSAFETY dissector memory exhaustion
  • BT L2CAP dissector divide by zero
  • MSNIP dissector crash
  • ROS dissector crash
  • RGMP dissector crash
  • IPv6 dissector crash

Bugs Fixed

  • DICOM dissection error
  • Qt: drag & drop of one column header in PacketList moves other columns
  • Cannot export captured DICOM objects in version 2.2.5
  • False complaint about bad checksum of ICMP extension header
  • LibFuzzer: ISUP dissector bug (isup.number_different_meaning)
  • Dissector Bug, protocol BT ATT
  • Wireshark displays RRCConnectionReestablishmentRejectRRCConnectionReestablishmentReject in Info column
  • [oss-fuzz] UBSAN: shift exponent 105 is too large for 32-bit type int in packet-ositp.c:551:79
  • [oss-fuzz] UBSAN: shift exponent -77 is negative in packet-netflow.c:7717:23
  • [oss-fuzz] UBSAN: shift exponent 1959 is too large for 32-bit type int in packet-sigcomp.c:2128:28
  • [oss-fuzz] UBSAN: shift exponent 63 is too large for 32-bit type guint32 (aka unsigned int) in packet-rtcp.c:917:24
  • [oss-fuzz] UBSAN: shift exponent 70 is too large for 64-bit type guint64 (aka unsigned long) in dwarf.c:42:43
  • [oss-fuzz] UBSAN: shift exponent 32 is too large for 32-bit type int in packet-xot.c:260:23
  • [oss-fuzz] UBSAN: shift exponent -5 is negative in packet-sigcomp.c:1722:36
  • [oss-fuzz] UBSAN: index 2049 out of bounds for type char [2049] in packet-quakeworld.c:134:5
  • [oss-fuzz] UBSAN: shift exponent 35 is too large for 32-bit type int in packet-netsync.c:467:25
  • [oss-fuzz] UBSAN: shift exponent 32 is too large for 32-bit type int in packet-sigcomp.c:3857:24
  • [oss-fuzz] ASAN: stack-use-after-return epan/dissectors/packet-ieee80211.c:14341:23 in add_tagged_field
  • Welcome screen invalid capture filter without WinPcap installed causes runtime error
  • SMB protocol parser does not parse SMB_COM_TRANSACTION2_SECONDARY (0x33) command correctly
  • SIP packets with SDP marked as malformed
  • [oss-fuzz] UBSAN: index 8 out of bounds for type gboolean const[8] in packet-ieee80211-radiotap.c:1836:12
  • Crash on "Show packet bytes…" context menu item click
  • DNP3 dissector does not properly decode packed variations with prefixed qualifiers

Updated Protocol Support

  • Bazaar, BT ATT, BT L2CAP, DHCP, DICOM, DNP3, DNS, DOF, DWARF, ICMP, IEEE 802.11, IPv6, ISUP, LTE RRC, MSNIP, Netflow, Netsync, openSAFETY, OSITP, QUAKEWORLD, Radiotap, RGMP, ROS, RTCP, SIGCOMP, SMB, SoulSeek, and XOT

Known Problems

  • Dumpcap might not quit if Wireshark or TShark crashes
  • The BER dissector might infinitely loop
  • Capture filters aren’t applied when capturing from named pipes
  • Filtering tshark captures with read filters (-R) no longer works
  • Application crash when changing real-time option
  • Wireshark and TShark will display incorrect delta times in some cases
  • Wireshark should let you work with multiple capture files
  • Dell Backup and Recovery (DBAR) makes many Windows applications crash, including Wireshark

Wireshark Tech Specs

Version: 2.2.7
Date: 06.22.17
License: Free
Language: English
File Size: 32.9 MB
SubCategory
Operating Systems: Mac OS X
System Requirements
  • OS X 10.6 or later
  • X11 or XQuartz
