Cannot capture packet on EVE using Wireshark

Moderator: mike

Post Reply
namhai5993
Posts: 10
Joined: Tue Nov 20, 2018 4:38 pm

Cannot capture packet on EVE using Wireshark

Post by namhai5993 » Tue Nov 20, 2018 4:46 pm

Hi all,
I can't capture packet on EVE.
I get msg as show in attached image.
Can anyone help me to resolve it.
Thank in advance!
You do not have the required permissions to view the files attached to this post.

Uldis (UD)
Posts: 5067
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: Cannot capture packet on EVE using Wireshark

Post by Uldis (UD) » Tue Nov 20, 2018 9:43 pm

I see behind your capture, that in CMD is access denied!!

this means your eve root password does not match with wireshark wrapper password.

wireshark wrapper is in
C;/program files/eve-ng/
wireshark_wrapper.bat

edit it and all will wotrk

Uldis

namhai5993
Posts: 10
Joined: Tue Nov 20, 2018 4:38 pm

Re: Cannot capture packet on EVE using Wireshark

Post by namhai5993 » Wed Nov 21, 2018 3:17 pm

Thank for your help!
I already edit root password in wireshark_wrapper.bat and I have resolve my issue.

I have another issue.
Now I am using sCRT to access devices, but I would like to use putty.
I run file win10_64bit_putty but it still user sCRT to access devices.
This is win10_64bit_putty:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\SOFTWARE\Classes\Putty.telnet]
@="telnet"

[HKEY_CURRENT_USER\SOFTWARE\Classes\Putty.telnet\DefaultIcon]
@="C:\\Program Files\\EVE-NG\\putty.exe, 0"

[HKEY_CURRENT_USER\SOFTWARE\Classes\Putty.telnet\shell]

[HKEY_CURRENT_USER\SOFTWARE\Classes\Putty.telnet\shell\open]

[HKEY_CURRENT_USER\SOFTWARE\Classes\Putty.telnet\shell\open\command]
@="\"C:\\Program Files\\EVE-NG\\putty.exe\" %1"

[HKEY_CURRENT_USER\SOFTWARE\Putty]

[HKEY_CURRENT_USER\SOFTWARE\Putty\Capabilities]

[HKEY_CURRENT_USER\SOFTWARE\Putty\Capabilities\URLAssociations]
"telnet"="Putty.telnet"

[HKEY_CURRENT_USER\SOFTWARE\RegisteredApplications]
"Putty"="Software\\Putty\\Capabilities"

[HKEY_CURRENT_USER\SOFTWARE\Classes\telnet\shell]

[HKEY_CURRENT_USER\SOFTWARE\Classes\telnet\shell\open]

[HKEY_CURRENT_USER\SOFTWARE\Classes\telnet\shell\open\command]
@="\"C:\\Program Files\\EVE-NG\\putty.exe\" %1"

Can you help me to resolve it.
Thanks!

Uldis (UD)
Posts: 5067
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: Cannot capture packet on EVE using Wireshark

Post by Uldis (UD) » Wed Nov 21, 2018 7:07 pm

you can set any telnet program to be as default
You do not have the required permissions to view the files attached to this post.

radchin
Posts: 2
Joined: Tue Dec 05, 2017 6:35 am

Re: Cannot capture packet on EVE using Wireshark

Post by radchin » Wed Jul 17, 2019 6:54 pm

Hi, All!

When capturing the port, I get the following error message.

Please tell me what is the reason for this error and how can I fix it?
You do not have the required permissions to view the files attached to this post.

Uldis (UD)
Posts: 5067
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: Cannot capture packet on EVE using Wireshark

Post by Uldis (UD) » Thu Jul 18, 2019 10:31 am

Make sure if you have winclient pack installed, as well if wireshark is installed in default location
and root password in wireshark_wrapper must match with yours !

We have live support
http://www.eve-ng.net/live-helpdesk

use google account or create bew to join chat

radchin
Posts: 2
Joined: Tue Dec 05, 2017 6:35 am

Re: Cannot capture packet on EVE using Wireshark

Post by radchin » Fri Jul 19, 2019 12:39 pm

I apologize for my poor English.

After some research, I managed to find out that plink.exe cannot connect to the eve-ng host. And so it failed to connect to the node interface.
At the same time, there were no problems with the username "root" and the password "eve".

I thought that this could be related to customization putty.ehe. Putty.ehe settings are stored in the windows registry.

HKEY_CURRENT_USER\Software\SimonTatham\PuTTY

After removing them, everything worked. Wireshark began to capture traffic on the interface

Many thanks to Uldis (UD) for answering my question. :D

Post Reply