Created
May 20, 2023 08:27
-
-
Save sub314xxl/d342b150760d0d14c26dba75430403d0 to your computer and use it in GitHub Desktop.
Run WireShark without root
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Check CAP support in Kernel | |
| cat /proc/config.gz | gunzip | grep CAPABILITY | |
| /sbin/capsh --print | |
| # Set CAP on core binary | |
| sudo setcap cap_net_raw,cap_net_admin+eip /usr/bin/dumpcap | |
| # Add current user to Wireshark group | |
| sudo usermod -aG wireshark $USER | |
| # Force set attributes and group challenge to core binary | |
| sudo chgrp wireshark /usr/bin/dumpcap && sudo chmod o-rx /usr/bin/dumpcap | |
| # Re-login, profit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment