No Interfaces Available In Wireshark Mac OS X

最新推荐文章于 2021-05-09 22:26:02 发布
最新推荐文章于 2021-05-09 22:26:02 发布 · 83 阅读 · 0
文章标签:

#操作系统 #shell

No Interfaces Available In Wireshark Mac OS X

No Interfaces Available In Wireshark Mac OS X
Many new Wireshark users on Mac OS X run into an issue where no interfaces show up when trying to begin packet capture. If you attempt to manually input an interface (such as en0) this error will occur:

The capture session could not be initiated ((no devices found) /dev/bpf0: Permission denied).

To have the interfaces show up properly you’ll need to widen the permissions on the Berkeley packet filter (BPF). By default they look like this:
  1. crw-------1 rootwheel 23, 0 Jan 31 13:47 /dev/bpf0
复制代码
We need the filter to be readable by non-root, so open Terminal.app and run this command:
  1. sudo chmod 644 /dev/bpf*
复制代码
Unfortunately every time you reboot this will reset, but if you are a frequent user of Wireshark you can add the ChmodBPF StartupItem to alter them automatically (available in the Utilities folder on the Wireshark disk image). To install you’ll need to follow two steps.

First, drag the ChmodBPF folder to the StartupItems alias in the same folder (or drag it to /Library/StartupItems directly). Type your password to authenticate and move the folder into the correct location.

The second requirement is only for 10.6+ users. Starting with Snow Leopard the security permissions of StartupItems are being enforced. Scripts that do not have the proper owner and group will receive this error:

Insecure Startup Item disabled. – “/Library/StartupItems/ChmodBPF” has not been started because it does not have the proper security settings

The proper security settings are ownership of the scripts by root and group of wheel.1 To set them:
  1. sudo chown -R root:wheel ChmodBPF
复制代码
The correct settings for startup items can be found in this Apple KB article ↩
from:http://langui.sh/2010/01/31/no-i ... wireshark-mac-os-x/

求解ChmodBPF是什么东西?英文能力有限,大概理解就是capture session所需要的/dev/bpf*没有权限,需要赋予权限,但是从启后还从新需要直接赋予权限的命令,那问提到/Library/StartupItems/这里,应该类似win下的启动菜单,但是文中ChmodBPF是何物?是自写的一个处理这个问题的shell脚本还是?那位童鞋了解过 谢谢了:)
iteye_309
关注
【Server】Socket编程原理详解
stalendp的专栏
10-04 6241
这篇文章将对一个简单的socket例程进行剖析。 这里提供的例子就是一个简单的TCP client/server程序,client主动连接server,并从服务器中得到一条欢迎消息:“[server] welcome client!”。程序的流程参考如下: 参考代码如下: server端: #include #include #include #include #inc
Remote Packet Capture for iOS Devices
陈鹏
03-26 2137
Remote Packet Capture for iOS Devices,Remote Virtual Interfaces
WiresharkNo interfaces found解决方法(Windows 10)
weixin_34191734的博客
07-10 1209
启动Wireshark时有时会报“No interfaces found”,找不到网卡进行截包。造成这种情况的原因可能有两个,一是npf服务没启动,二是当前用启对网卡没有拦截权限。   一、npf服务未启动处理  1.1找到cmd右键以管理员身份运行   1.2用以下命令启动npf net query npf #检查npf运行情况net start npf #启动np...
wireshark no interfaces found
fxbjye的博客
05-31 3418
最近使用wireshark 遇到 no interfaces found 问题。解决方法:1)以系统管理员的身份打开cmd命令。注若非管理员身份,后续会有问题。2)输入“net start npf”,回车就可以了。注,非管理员身份会出现“发生系统错误5”...
Wireshark显示No interfaces found
yiran_jun的博客
05-09 2195
今天突发奇想打开了一下Wireshark,竟然出现No interfaces found。我以为是bug了,重启软件,重启电脑都是一样。然后解决方法如下: 1.卸载安装Wireshark时自带的NPcap,如果你安装的时候没有安装,那当我没说,卸载方法:控制面板–程序–卸载程序 2.卸载之后,安装WinPcap,emmm,网上有人说NPcap比WinPcap好用,但是我觉得能用就行了,像上面的情况,NPcap竟然不能用,就很鸡肋,然后网上有很多资源下载WinPcap,比如:https://www.winpc
No Interfaces found - Wireshark
weixin_30335575的博客
11-03 311
No Interfaces found - Wireshark 参考链接: https://www.cnblogs.com/lsdb/p/7144605.html 先按照上面的做了,没用。 重装了WinPcap后,再按照上面的做,成功了。 转载于:https://www.cnblogs.com/wainzhang/p/9900421.html...
Wireshark抓包深度解析:手把手验证EtherCAT帧结构与PDO映射正确性的秘籍
# Wireshark抓包与EtherCAT协议深度解析:从帧结构到自动化验证 在现代工业自动化系统中,实时通信的稳定性直接决定了产线运行效率和产品质量。想象这样一个场景:一条高速包装生产线突然停机,伺服电机集体失步,...
为什么要获取MAC,为什么要构造完整报文帧,请换一种方法 #!/usr/bin/env python3 """ mdns_query_generator_improved.py 不依赖 Scapy,使用原生 socket 构造 mDNS 查询。 - 根据 IP 自动查找网络接口 - 跨平台权限检查(Windows/Linux) - 多线程并发发送 """ import argparse import threading import time import random import sys import socket import struct from struct import pack # 全局变量 stop_event = threading.Event() MCAST_ADDR = "224.0.0.251" MCAST_PORT = 5353 IP_TTL = 255 def is_admin(): """跨平台检查管理员/root 权限""" try: if sys.platform == "win32": import ctypes return ctypes.windll.shell32.IsUserAnAdmin() != 0 else: return hasattr(os, 'geteuid') and os.geteuid() == 0 except Exception: return False def get_interface_by_ip_ioctl_linux(ip): """Linux 下通过 ioctl(SIOCGIFCONF) 查找接口名""" try: s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) # SIOCGIFCONF: 获取所有接口信息 ifs = fcntl.ioctl(s.fileno(), 0x8912, bytes(4096)) s.close() # 每个 ifreq 结构体约 40 字节(if_name + sa) for i in range(0, len(ifs), 40): data = ifs[i:i+40] if len(data) < 40: continue ifname_bytes = data[:16].split(b'\x00', 1)[0] ifname = ifname_bytes.decode('utf-8') addr_data = data[20:24] # sin_addr 在结构体中的偏移 ip_if = socket.inet_ntoa(addr_data) if ip_if == ip: return ifname except Exception as e: print(f"[ioctl] Error: {e}") return None def get_interface_by_ip_netifaces(ip): """使用 netifaces 查找接口""" try: import netifaces for iface in netifaces.interfaces(): addrs = netifaces.ifaddresses(iface) if netifaces.AF_INET in addrs: for addr_info in addrs[netifaces.AF_INET]: if addr_info['addr'] == ip: return iface except ImportError: return None except Exception as e: print(f"[netifaces] Error: {e}") return None return None def get_interface_by_ip(ip): """自动根据 IP 查找对应接口名(优先 netifaces,fallback 到 ioctl)""" # 方法 1: netifaces iface = get_interface_by_ip_netifaces(ip) if iface: return iface # 方法 2: Linux ioctl if sys.platform.startswith("linux"): iface = get_interface_by_ip_ioctl_linux(ip) if iface: return iface # 方法 3: 尝试用 UDP connect 推断出口接口(启发式) try: s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) s.connect(("8.8.8.8", 53)) local_ip = s.getsockname()[0] s.close() if local_ip == ip: # 再试一次 ioctl(适用于本机默认路由接口) return get_interface_by_ip_ioctl_linux(ip) except Exception: pass return None def mac_str_to_bytes(mac): """MAC 字符串转 bytes""" return bytes(int(b, 16) for b in mac.split(':')) def ip_str_to_bytes(ip): """IPv4 转 bytes""" return bytes(map(int, ip.split('.'))) def ip_to_int(ip): """IP 转整数""" return sum([int(b) << (8 * (3 - i)) for i, b in enumerate(ip.split('.'))]) def checksum(data): """校验和计算""" if len(data) % 2 == 1: data += b'\0' chk = 0 for i in range(0, len(data), 2): chk += (data[i] << 8) + data[i + 1] while chk >> 16: chk = (chk & 0xFFFF) + (chk >> 16) return ~chk & 0xFFFF def build_dns_query(qname, qtype=12): # 12 = PTR def encode_name(name): result = b'' for part in name.encode().split(b'.'): result += bytes([len(part)]) + part return result + b'\0' header = pack('>HHHHHH', 0, 0x0100, 1, 0, 0, 0) question = encode_name(qname) + pack('>HH', qtype, 1) return header + question def build_udp_packet(sport, dport, data): length = 8 + len(data) udp_header = pack('>HHH H', sport, dport, length, 0) pseudo_header = ip_str_to_bytes(src_ip_global) + ip_str_to_bytes(MCAST_ADDR) + \ pack('>BBH', 0, 17, length) chk_data = pseudo_header + udp_header[:8] + b'\0\0' + data csum = checksum(chk_data) udp_header = pack('>HHH H', sport, dport, length, csum) return udp_header + data def build_ip_packet(src, dst, proto, payload): version_ihl_tos = 0x45 tot_len = 20 + len(payload) iden = random.randint(0, 0xFFFF) frag = 0 ttl = IP_TTL src_addr = ip_str_to_bytes(src) dst_addr = ip_str_to_bytes(dst) header = pack('!BBHHHBBHII', version_ihl_tos, 0, tot_len, iden, frag, ttl, proto, 0, ip_to_int(src), ip_to_int(dst)) chk = checksum(header) header = pack('!BBHHHBBHII', version_ihl_tos, 0, tot_len, iden, frag, ttl, proto, chk, ip_to_int(src), ip_to_int(dst)) return header + payload # 全局用于保存源 IP src_ip_global = None def get_interface_mac(iface_name): """获取接口 MAC 地址""" if sys.platform.startswith("linux"): s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) try: info = fcntl.ioctl(s.fileno(), 0x8927, struct.pack('256s', iface_name.encode('utf-8')[:15])) return bytes(info[18:24]) except Exception as e: print(f"Failed to get MAC of {iface_name}: {e}") return None return None def sender_thread(thread_id, service, rate, iface_name, src_ip): global src_ip_global src_ip_global = src_ip try: my_mac = get_interface_mac(iface_name) if not my_mac: print(f"[Thread {thread_id}] Cannot get MAC address.") stop_event.set() return except Exception as e: print(f"[Thread {thread_id}] Interface error: {e}") stop_event.set() return eth_hdr = mac_str_to_bytes("01:00:5e:00:00:fb") + my_mac + pack('!H', 0x0800) dns_query = build_dns_query(service, qtype=12) udp_pkt = build_udp_packet(MCAST_PORT, MCAST_PORT, dns_query) ip_pkt = build_ip_packet(src_ip, MCAST_ADDR, 17, udp_pkt) packet = eth_hdr + ip_pkt # 仅 Linux 支持 AF_PACKET 发送 if not sys.platform.startswith("linux"): print(f"[Thread {thread_id}] Non-Linux platform: simulating send") interval = 1.0 / rate if rate > 0 else 0 while not stop_event.is_set(): print(f"[SIM] Sending mDNS query from {src_ip} via {iface_name}") time.sleep(interval) return try: sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(0x0800)) sock.bind((iface_name, 0)) except PermissionError: print(f"[ERROR] Permission denied. Run as root/administrator.") stop_event.set() return except Exception as e: print(f"[Socket] Create failed: {e}") stop_event.set() return print(f"[Thread {thread_id}] Started sending on {iface_name}") interval = 1.0 / rate if rate > 0 else 0 while not stop_event.is_set(): try: sock.send(packet) except Exception as e: print(f"[Send] Failed: {e}") break if interval > 0: time.sleep(interval) def main(): parser = argparse.ArgumentParser(description="mDNS Query Generator (No Scapy, Auto IFACE)") parser.add_argument("--service", default="_http._tcp.local.", help="Service type to query (PTR)") parser.add_argument("--clients", type=int, default=100, help="Number of concurrent threads") parser.add_argument("--rate", type=float, default=1.0, help="Queries per second per client") parser.add_argument("--duration", type=int, default=60, help="Duration in seconds") parser.add_argument("--ip", required=True, help="Source IP address (used to auto-find interface)") args = parser.parse_args() # 步骤 1: 检查权限 if not is_admin(): print("[WARNING] May lack permission to send raw packets. Please run as admin/root.") # 步骤 2: 根据 IP 自动查找接口 iface_name = get_interface_by_ip(args.ip) if not iface_name: print(f"[ERROR] Cannot find interface for IP {args.ip}") print("Available interfaces may not have this IP assigned.") sys.exit(1) print(f"[INFO] Found interface '{iface_name}' for IP {args.ip}") # 步骤 3: 启动多线程发送器 print(f"[INFO] Starting {args.clients} clients, {args.rate} qps/client, duration={args.duration}s") threads = [] for i in range(args.clients): t = threading.Thread( target=sender_thread, args=(i, args.service, args.rate, iface_name, args.ip), daemon=True ) t.start() threads.append(t) start_time = time.time() try: while time.time() - start_time < args.duration and not stop_event.is_set(): time.sleep(0.5) except KeyboardInterrupt: print("\n[INFO] Interrupted by user.") stop_event.set() stop_event.set() print("Waiting for threads to finish...") for t in threads: t.join(timeout=2.0) print("Done.") if __name__ == "__main__": # 导入条件依赖 if sys.platform.startswith("linux"): import fcntl main() "python mdns_query.py --ip 192.168.2.2 --clients 10 --rate 2 --duration 30"
最新发布
10-25
你可以用 Wireshark 抓包确认是否成功发送了 mDNS 查询: - 过滤表达式:`udp.dstport == 5353 and ip.dst == 224.0.0.251` - 查看是否有来自 `192.168.2.2` 的 DNS 查询,请求 `_http._tcp.local.` 的 PTR 记录 ...
kali linux 支持什么编程语言_渗透过程中可能要用到的Kali工具小总结
weixin_39576066的博客
10-24 3302
渗透过程中可能要用到的Kali工具小总结写在最前面最近在搞渗透的时候,发现过程中有一些kali工具还是很适合使用的所以写一个渗透过程中可能用到的kali渗透工具的小小总结写的不对 多多包涵 各位大佬轻喷 :DKali用得好 牢饭准管饱渗透不规范 亲人两行泪先来了解一下Kali(From Wikipdeia)Kali Linux是基于Debian的Linux发行版, 设计用于数字取证操作系统。由Of...
wireshark提示No interfaces found
weixin_43285090的博客
09-17 2008
** wireshark不能获取本地网卡 ** win10安装wireshark后,无法访问网卡,界面展示No interfaces found 解决办法: 1、卸载安装时自带的NPcap 可在控制面板–程序–卸载程序中卸载 2、卸载之后,安装WinPcap 网上有很多资源https://www.winpcap.org/ 3、以管理员身份运行命令提示符,执行net start npf 4、以管理员身份运行wireshark,此时wireshark已经可以正常获取网卡信息了 ...
wireshark 提示 No interface found
weixin_30421525的博客
09-28 279
解决方法:以管理员身份运行cmd,输入 net start npf 后回车,提示 :NetGroup Packet Filter Driver 服务已经启动成功。然后再打开wireshark,此时能正常使用。 转载于:https://www.cnblogs.com/bruceshu/p/9719642.html...
wireshark中出现 No interfaces found
热门推荐
wozaidengnihaojiu的博客
07-22 1万+
在使用wireshark的过程中,因为windows的某个进程服务没有打开,导致在打开wireshark的过程中出现故障 界面显示出  No interfaces found 这种情况的解决办法是: 以管理员权限打开我们的命令提示符 在里面输入命令:  net start npf   回车之后,会显示 NetGroup Packet Filter
windows下wireshark界面显示no interfaces found
跑码场
06-25 3804
管理员身份打开cmd net start npf
『网络抓包必备』:解决WiresharkNo interface found“ 问题的终极指南
我先测了
08-01 9226
Wireshark(前称Ethereal)是一个网络封包分析软件。网络封包分析软件的功能是截取网络封包,并尽可能显示出最为详细的网络封包资料。Wireshark使用WinPCAP作为接口,直接与网卡进行数据报文交换。在过去,网络封包分析软件是非常昂贵的,或是专门属于盈利用的软件。Ethereal的出现改变了这一切。在GNUGPL通用许可证的保障范围底下,使用者可以以免费的途径取得软件与其源代码,并拥有针对其源代码修改及客制化的权利。Ethereal是全世界最广泛的网络封包分析软件之一。
Win10下Wireshark找不到接口的解决办法No found interface
优先级4.0
05-10 721
解决办法:在http://www.win10pcap.org/download/下载安装Win10Pcap可解决此问题。
FailedNo error information available: E_NOINTERFACE(0x80004002).
Montaque & DotNet
09-10 2122
用COM+ 的自动事务,必须操作的对象支持,用access 调用dtc,会有莫名其妙的错误代码FailedNo error information available: E_NOINTERFACE(0x80004002).关于这个问题,微软有一片kbhttp://support.microsoft.com/default.aspx?scid=KB;EN-US;Q221071&  
Java 8u152 Mac OS X 示例代码大全
标题“jdk-8u152-macosx-x86_64-demos.zip_Java 8_strawzuu”所指的文件是一个与Java开发工具包(JDK)相关的压缩包,具体版本为JDK 1.8.0_152,适用于Mac OS X操作系统,且为x86_64架构。该文件名称中的“demos”...
评论
成就一亿技术人!
拼手气红包6.0元
还能输入1000个字符
 
红包 添加红包
表情包 插入表情
表情包 代码片
 条评论被折叠 查看
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值