Sanitizing PCAPs

Before submitting a pcap to [email protected], you may choose to sanitize it. Mainly, you'll want to change the mac addresses and IP addresses.

Kali Linux

tcprewrite can be used to change the IP and MAC addresses. The following command will take care of both of those: tcprewrite --seed=<int> --infile=<infile> --outfile=<outfile> --dlt=enet --enet-dmac=<dmac> --enet-smac=<smac>

seed is used to seed changes to IP address. Pick a number for here, 111 is acceptable.
dlt fixes an error: dlt_linux_ssl plugin does not support packet encoding
enet-dmac fixes the destination mac. 00:00:00:00:00:00 works
enet-smac fixes the source mac. 11:11:11:11:11:11 works

Metasploit Wiki Pages

Home Welcome to Metasploit!
Using Metasploit A collection of useful links for penetration testers.
Setting Up a Metasploit Development Environment From apt-get install to git push.
CONTRIBUTING.md What should your contributions look like?
Landing Pull Requests Working with other people's contributions.
Using Git All about Git and GitHub.
Contributing to Metasploit Be a part of our open source community.
Meterpreter All about the Meterpreter payload.

Sanitizing PCAPs

Kali Linux

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!