Title:
Windows command-line packet capture: tcpdump, netsh
Author:
linda
Time:
2021-6-9 19:35
netsh trace start capture=yes report=disabled
...
netsh trace stop
etl2pcapng.exe "C:\Users\yfhu\AppData\Local\Temp\NetTraces\NetTrace.etl" 1.pcap
https://github.com/microsoft/etl2pcapng
https://www.sonicwall.com/support/knowledge-base/how-can-i-perform-a-packet-capture-in-windows-with-built-in-utility/170905204545360/
==============
Microolap TCPDUMP for Windows — Download
https://www.microolap.com/products/network/tcpdump/download/
Run as administrator:
tcpdump
List all network adapters:
tcpdump -D
1.\Device\{2B90FA51-0A1A-43FF-B4C9-D6F595DDEA05} (Realtek RTL8822BE 802.11ac PCIe Adapter)
2.\Device\{4E029346-F271-4953-BBC8-E72AD49C0A48} (Microsoft Wi-Fi Direct Virtual Adapter)
3.\Device\{968BB362-A609-4346-A84E-A4C983CDF7DF} (Realtek PCIe GbE Family Controller)
4.\Device\{94214CFD-26E2-49CD-982C-E4829693647D} (Microsoft Wi-Fi Direct Virtual Adapter)
Capture on a specific adapter:
tcpdump -nnn -i 3 host 233.6.6.6 and udp
[Last edited by linda on 2021-8-13 17:15]
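The netsh trace / etl2pcapng sequence from the post, written as a time-bounded PowerShell script that always stops the trace session and caps the trace file size. This is an added example, not part of the original post; the parameter names, output folder, duration, size cap and converter path are assumptions.

```powershell
# Added example (not from the original post).
# Parameter names and default values below are assumptions; adjust as needed.
param(
    [int]$Seconds      = 30,                      # capture duration (assumed)
    [int]$MaxSizeMB    = 256,                     # cap on the .etl file size (assumed)
    [string]$OutDir    = "$env:TEMP\NetTraces",   # output folder (assumed)
    [string]$Converter = ".\etl2pcapng.exe"       # path to etl2pcapng (assumed)
)

# netsh trace requires an elevated session.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = [Security.Principal.WindowsPrincipal]$identity
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw "Run this script from an elevated (administrator) PowerShell."
}

New-Item -ItemType Directory -Force -Path $OutDir | Out-Null
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$etl   = Join-Path $OutDir "capture-$stamp.etl"
$pcap  = Join-Path $OutDir "capture-$stamp.pcapng"   # etl2pcapng writes pcapng

# Explicit trace file and size limit so the capture cannot fill the disk.
netsh trace start capture=yes report=disabled "tracefile=$etl" "maxsize=$MaxSizeMB" overwrite=yes
if ($LASTEXITCODE -ne 0) { throw "netsh trace start failed (exit code $LASTEXITCODE)" }

try {
    Start-Sleep -Seconds $Seconds
}
finally {
    # Runs even on Ctrl+C, so no trace session is left recording in the background.
    netsh trace stop
}

& $Converter $etl $pcap
if ($LASTEXITCODE -ne 0) { throw "etl2pcapng failed (exit code $LASTEXITCODE)" }
Write-Output "Wrote $pcap"
```

The trace contains full packet payloads from every adapter, so store the output folder with restricted permissions and delete the .etl and .pcapng files once the analysis is done.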
Welcome to the 中神通公司 technical forum (http://trustcomputing.com.cn/bbs/)