Xplico version 0.5.4: Facebook Chat
This version of Xplico introduces new and important features:
- Facebook web chat dissector
- New XI based on CakePHP 1.2.5
- New representation of images
- For each image you can see (with the proxy enabled) the page that contains it
- WLAN and LLC basic dissectors
- HTTP dissector improvements
You can download source code, Ubuntu 9.10 package and VirtualBox.org image here.
Xplico version 0.5.3 and DEFT Vx5
You can find this release in DEFT Vx5 Linux distribution.
You can download source code, Ubuntu 9.10 package and VirtualBox.org image here.
This version of Xplico introduces many new features:
- snoop Packet Capture File Format as input file
- DNS dissector with graphical representation in Xplico Interface (XI)
- NNTP dissector
- PPPOE dissector
- direct live acquisition from XI
- new dispatcher named CLI: this dispatcher organizes the extracted data in a tree like this:
xdecode/<ip_src_1>/http
xdecode/<ip_src_1>/mail/
xdecode/<ip_src_1>/nntp
xdecode/<ip_src_1>/ftp
xdecode/<ip_src_1>/...
xdecode/<ip_src_2>/http
xdecode/<ip_src_2>/mail/
xdecode/<ip_src_2>/nntp
xdecode/<ip_src_2>/ftp
xdecode/<ip_src_2>/...
- default CLI dispatcher in command line execution
- file extension for the HTTP contents
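The per-source-IP tree written by the CLI dispatcher can be turned into an evidence manifest. The following is an added example, not part of Xplico or of the original post: it walks an xdecode/<ip_src>/<protocol> tree and records the size and SHA-256 of every extracted file. The file names below each protocol directory and the sample tree are constructed assumptions.

```python
import hashlib
import ipaddress
import tempfile
from pathlib import Path


def build_manifest(xdecode_root):
    """Return {source_ip: {protocol: [(relative_path, size, sha256), ...]}}."""
    root = Path(xdecode_root)
    manifest = {}
    for ip_dir in sorted(p for p in root.iterdir() if p.is_dir()):
        try:
            ipaddress.ip_address(ip_dir.name)  # first level is named after the source IP
        except ValueError:
            continue  # ignore directories that are not address-named
        for proto_dir in sorted(p for p in ip_dir.iterdir() if p.is_dir()):
            entries = []
            for f in sorted(proto_dir.rglob("*")):
                if f.is_symlink() or not f.is_file():
                    continue  # hash regular files only; skip symlinks and directories
                digest = hashlib.sha256(f.read_bytes()).hexdigest()
                rel = f.relative_to(root).as_posix()
                entries.append((rel, f.stat().st_size, digest))
            manifest.setdefault(ip_dir.name, {})[proto_dir.name] = entries
    return manifest


def make_sample_tree(base):
    """Constructed sample data (assumed file names), not real Xplico output."""
    files = {
        "192.0.2.10/http/index.html": b"<html>constructed</html>",
        "192.0.2.10/http/img/logo.png": b"\x89PNG constructed",
        "192.0.2.10/mail/msg1.eml": b"Subject: constructed\r\n\r\nbody",
        "192.0.2.20/ftp/upload.bin": b"\x00\x01\x02",
        "notes/readme.txt": b"not an IP directory",
    }
    for rel, data in files.items():
        path = Path(base) / "xdecode" / rel
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)
    return Path(base) / "xdecode"


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for ip, protos in build_manifest(make_sample_tree(tmp)).items():
            for proto, entries in protos.items():
                print(ip, proto, len(entries), [e[0] for e in entries])
```

Storing the manifest alongside the original capture lets a later re-run of the decoder be compared file by file against the first extraction.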
We have to thank:
- Carlos Gacimartín, for his help
- Doriano Azzena, for his support in debugging
- Matteo G.P. Flora, for the inspiration for the DNS XI graphics
- Open Flash Chart team for their wonderful tool
- all forum users, for their debugging
Enjoy ;).
VirtualBox Image of Debian 5.0 with Xplico
At SourceForge there is a VirtualBox.org image of Debian 5.0 with Xplico 0.5.2 installed and running. It is a smart way to test this software without altering your environment: just download it and begin testing Xplico. You can use Xplico to decode traffic in the console or via the web, uploading your own traffic pcap files. Click here to download it.
Thanks to Carlos Gacimartín.
Forum and Wiki
For some time we have had in mind to make available a Wiki containing the Xplico documentation. The new Wiki will be available soon, even if initially it will not have much content.
Thanks to the merit and initiative of Carlos Gacimartín, a Forum will also be opened. Carlos has offered to maintain and administer the Forum, which will allow participants to share suggestions, usage and problems concerning Xplico.
On Carlos's website you can also find useful help for the problem of installing the .deb package on Ubuntu 9.04.
Live WEP sniffing video tutorial
Bricowifi has created two video tutorials. One of them explains how to perform a live capture (and decoding) of WEP traffic.
The videos can be found here.
He also made a tutorial describing the step-by-step installation of Xplico. The tutorial is in French but it is very clear.
Many thanks to Bricowifi.
Connection scrambler
If you are looking for a connection scrambler for Linux that Xplico is not able to recognize, take a look at SniffJoke 0.3.
DEFT 4
DEFT4 has arrived! In this release, there are many new features.
The new Xplico features in DEFT 4 are:
- console-mode Xplico execution
- acquisition and processing in realtime (in console-mode)
- access to every HTTP message. You can examine:
- request header and body
- response header and body
- Therefore the request body of a POST can be viewed
- Internet Printing Protocol (IPP) and Printer Job Language (PJL) dissectors. With these dissectors you can view, in PDF format, the pages printed with printers that use PCL5E, PCL5C, and PCL6 formats (for example HP LaserJet 2300dn, HP LaserJet 4). Other formats (e.g. Zenographics ZJ-stream) are in development
- viewing any video transferred over HTTP with content-type “video/flv” extracted from a pcap file (e.g. YouTube video)
- browsing all images transported in HTTP
- improved display of Web pages extracted from a pcap file
Remember to run xplico–start from the Terminal and then launch Firefox with URL: http://localhost
New Site
… just to start