View unanswered posts | View active topics It is currently Thu Jun 27, 2019 8:58 am



Reply to topic  [ 2 posts ] 
 Analyze your Internet traffic via Fritzbox and Wireshark 
Author Message

Joined: Tue Jul 16, 2013 5:53 pm
Posts: 183
Location: Austria Korneuburg
Post Analyze your Internet traffic via Fritzbox and Wireshark
Have you ever been curious which programs
use unencrypted communication to send information over the Internet,
or which sites gets connected when you login on your WIFI home network
with your Android phone ?

With a Fritzbox it is easy to monitor all your
Internet traffic.

The Fritzbox is a DSL Line Access box which offers
IP packet monitoring via a WEB Interface.
http://fritz.box/html/capture.html
Here you can download a file and analyze your internet
traffic afterwards with Wireshark or Tshark.

Live capturing/decoding with the Utilite:

It is possible to login on the fritzbox via a small scripts (uses wget)
and start a live capture and filter what is interesting for you.
Is it possible to use Wireshark with a GUI or tshark on the command line.
You can also download caller id information or use any other
function via a script which is normally accessed via a Web GUI on this box.

Tested with Fritzbox 7270 / FRITZ!OS 05.53

#!/bin/bash
#

# Password of Fritzbox
Passwd="****"

#
MSN=""
TAB1=/
TAB2=/
TAB3=/
TAB4=/

# get OS-Version of fritzbox
Version=`wget -O- http://fritz.box/jason_boxinfo.xml | grep Version | awk '{match($0,/>[^<>]+</); print substr($0,RSTART+RLENGTH-6,5)}'`

if [ "$Version" \< "05.50" ]
then
# get Challenge
ChallengeXML=`wget -O - "http://fritz.box/cgi-bin/webcm?getpage=../html/login_sid.xml" 2>/dev/null| grep Challenge`
Challenge=`echo $ChallengeXML | awk '{match($0,/>[^<>]+</); print substr($0,RSTART+1,RLENGTH-2)}'`

# parse login / hash
CPSTR="$Challenge-$Passwd"
if [ "$BOXTYPE" = "dbox2" ]; then
asc2uni $CPSTR > /tmp/anrufer.md5
else
echo -n $CPSTR | iconv -f ISO8859-1 -t UTF-16LE > /tmp/anrufer.md5
fi
MD5=`md5sum /tmp/anrufer.md5 | sed -e s/' '.*$//`
RESPONSE="$Challenge-$MD5"
POSTDATA="login:command/response=$RESPONSE&getpage=../html/de/menus/menu2.html"

# send login and get SID
SID=`wget -O - --post-data="$POSTDATA" "http://fritz.box/cgi-bin/webcm" 2>/dev/null| grep "name=\"sid\"" | head -1 | awk '{match($0,/value="[^"]+"/); print substr($0,RSTART+7,RLENGTH-8)}'`

# refresh
wget -O /dev/null "http://fritz.box//cgi-bin/webcm?sid=$SID&getpage=..%2Fhtml%2Fde%2Fmenus%2Fmenu2.html&errorpage=..%2Fhtml%2Fde%2Fmenus%2Fmenu2.html&var%3Apagename=foncalls&var%3Aerrorpagename=foncalls&var%3Amenu=home&var%3Apagemaster=&var%3Aactivtype=pppoe&var%3AtabInetstat=0&var%3Aweckernr=&logger%3Asettings%2Ffilter=2"

# download caller list
wget -O /tmp/fb_anrufliste.csv "http://fritz.box/cgi-bin/webcm?sid=$SID&getpage=..%2Fhtml%2Fde%2FFRITZ%21Box_Anrufliste.csv" 2>/dev/null
typ3="G"
else
wget -O /tmp/anrufer.tmp http://fritz.box/login_sid.lua
# test SID
SID=`cat /tmp/anrufer.tmp | awk '{match($0,/SID>[^<>]+</); print substr($0,RSTART+4,RLENGTH-5)}'`
if [ "$SID" = "0000000000000000" ]
then
# get Challenge
Challenge=`cat /tmp/anrufer.tmp | awk '{match($0,/Challenge>[^<>]+</); print substr($0,RSTART+10,RLENGTH-11)}'`
# parse login / hash
CPSTR="$Challenge-$Passwd"
if [ "$BOXTYPE" = "dbox2" ]; then
asc2uni $CPSTR > /tmp/anrufer.md5
else
echo -n $CPSTR | iconv -f ISO8859-1 -t UTF-16LE > /tmp/anrufer.md5
fi
MD5=`md5sum /tmp/anrufer.md5 | sed -e s/' '.*$//`
RESPONSE="$Challenge-$MD5"
GETDATA="?response=$RESPONSE"
wget -O /tmp/anrufer.sid http://fritz.box/login_sid.lua$GETDATA
SID=$(sed -n '/.*<SID>\([^<]*\)<.*/s//\1/p' /tmp/anrufer.sid)
fi
# dump eth0
wget -O - http://fritz.box/cgi-bin/capture_notimeout?sid=$SID\?start=Start\&snaplen=1600\&iface=eth0 2>/dev/null | wireshark -k $dumpfile -i -
fi

exit 1


Attachments:
wireshark.png
wireshark.png [ 185.97 KiB | Viewed 6320 times ]
Thu Mar 20, 2014 6:12 pm
Profile WWW

Joined: Sat Apr 20, 2019 5:51 am
Posts: 1
Post Re: Analyze your Internet traffic via Fritzbox and Wireshark
Computer and all machines have been consumed for the future times. The part of the ukessays.com reviews are marked for the persons. The reflection discounted for the personal items for the individuals.


Sat Apr 20, 2019 1:39 pm
Profile
Display posts from previous:  Sort by  
Reply to topic   [ 2 posts ] 

Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by STSoftware for PTF.