Open Source Network Forensic Analysis Tool (NFAT) 


Xplico version 0.5.3 and DEFT Vx5

This release ships in the DEFT Vx5 Linux distribution.
The source code, an Ubuntu 9.10 package and a VirtualBox.org image are available for download.

This version of Xplico introduces many new features:


  • snoop Packet Capture File Format as input file
  • DNS dissector with graphical representation in Xplico Interface (XI)
  • NNTP dissector
  • PPPoE dissector
  • direct live acquisition from XI
  • new dispatcher named CLI: this dispatcher organizes the extracted data in a tree, one directory per source IP and per protocol, like this:

    xdecode/<ip_src_1>/http
    xdecode/<ip_src_1>/mail/
    xdecode/<ip_src_1>/nntp
    xdecode/<ip_src_1>/ftp
    xdecode/<ip_src_1>/...
    xdecode/<ip_src_2>/http
    xdecode/<ip_src_2>/mail/
    xdecode/<ip_src_2>/nntp
    xdecode/<ip_src_2>/ftp
    xdecode/<ip_src_2>/...
  • CLI is the default dispatcher when Xplico is run from the command line
  • file extensions are assigned to the extracted HTTP contents
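The tree produced by the CLI dispatcher lends itself to quick triage: before opening individual files, an analyst usually wants to know which source IPs produced which kinds of artefacts. The script below is an added example, not code from the Xplico project; it builds a constructed xdecode/ tree in the layout shown above (the IPs and file names are made up for the example) and prints a per-IP, per-protocol count of extracted objects. The helper names are this example's own.

```shell
#!/bin/sh
# Added example, not part of the Xplico release notes or the Xplico code base.
# Summarises a CLI-dispatcher output tree (xdecode/<ip_src>/<protocol>/...)
# as "<ip_src> <protocol> <count>" lines so that hosts and protocols worth
# looking at first stand out.

# Create a constructed sample tree under $1 (made-up data, not a real capture).
make_sample_tree() {
    root="$1"
    mkdir -p "$root/xdecode/10.0.0.5/http" "$root/xdecode/10.0.0.5/mail" \
             "$root/xdecode/10.0.0.5/nntp" "$root/xdecode/192.168.1.20/ftp" \
             "$root/xdecode/192.168.1.20/http"
    : > "$root/xdecode/10.0.0.5/http/index.html"
    : > "$root/xdecode/10.0.0.5/http/logo.png"
    : > "$root/xdecode/10.0.0.5/mail/msg_0001.eml"
    : > "$root/xdecode/192.168.1.20/ftp/backup.tar.gz"
    : > "$root/xdecode/192.168.1.20/http/login.html"
}

# Print "<ip_src> <protocol> <count>" for every protocol directory under the
# xdecode/ directory given as $1. Protocol directories that exist but hold no
# extracted objects are reported with a count of 0, which is itself useful:
# the dissector saw the protocol but extracted nothing.
summarize_xdecode() {
    xdecode="$1"
    for ipdir in "$xdecode"/*/; do
        [ -d "$ipdir" ] || continue
        ip=$(basename "$ipdir")
        for protodir in "$ipdir"*/; do
            [ -d "$protodir" ] || continue
            proto=$(basename "$protodir")
            count=$(find "$protodir" -type f | wc -l | tr -d ' ')
            printf '%s %s %s\n' "$ip" "$proto" "$count"
        done
    done
}

# Number of extracted objects for one <ip_src> / <protocol> pair
# (prints nothing if that pair is absent from the tree).
count_objects() {
    summarize_xdecode "$1" | awk -v ip="$2" -v p="$3" '$1 == ip && $2 == p { print $3 }'
}

# Run with --demo to build the sample tree in a temporary directory and
# print its summary; point summarize_xdecode at a real xdecode/ otherwise.
if [ "${1:-}" = "--demo" ]; then
    demo=$(mktemp -d)
    make_sample_tree "$demo"
    summarize_xdecode "$demo/xdecode"
    rm -rf "$demo"
fi
```

On a real run, pass the xdecode/ directory that the CLI dispatcher wrote to summarize_xdecode; sorting its output by the third column descending puts the chattiest host/protocol pairs first.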

We have to thank:

Enjoy ;).

VirtualBox Image of Debian 5.0 with Xplico

At SourceForge there is a VirtualBox.org image of Debian 5.0 with Xplico 0.5.2 installed and running. It is a convenient way to test the software without altering your own environment: just download the image and start testing Xplico. You can use Xplico to decode traffic from the console or via the web interface, uploading your own pcap files. The image can be downloaded from SourceForge.

Thanks to Carlos Gacimartín.

Xplico v0.5.2 Ubuntu package

The binary package of Xplico 0.5.2 for Ubuntu 9.04 is available for download.
After installation, you must follow these steps:

  • edit /etc/php5/apache2/php.ini to raise the maximum size of the pcap files that can be uploaded through the web interface:
    • post_max_size = 100M
    • upload_max_filesize = 100M
  • restart Apache2
  • start Xplico decoding manager: sudo /opt/xplico/script/sqlite_demo.sh
  • open url: http://localhost:9876 (Xplico Interface login)
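The php.ini step is the one most often got wrong, because the two directives must stay consistent: PHP rejects a POST larger than post_max_size before it ever looks at upload_max_filesize, so raising only the latter leaves uploads silently failing. The script below is an added example, not part of the Xplico package or its post-install notes; it sets both directives (whether the existing line is active or commented out with ';'), keeps a backup of php.ini, and verifies the relationship between the two values. The path /etc/php5/apache2/php.ini and the 100M value are taken from the steps above; the function names are this example's own.

```shell
#!/bin/sh
# Added example, not part of the Xplico package or its post-install notes.
# Scripts the php.ini change from the post-install steps and checks it.

# Replace "key = value" in a php.ini file, matching the existing directive
# whether it is active or commented out with ';'. If the directive is absent
# it is appended. A backup is kept as <file>.bak so the change can be reverted.
set_php_limit() {
    ini="$1" key="$2" value="$3"
    if grep -Eq "^[[:space:]]*;?[[:space:]]*$key[[:space:]]*=" "$ini"; then
        sed -i.bak -E "s|^[[:space:]]*;?[[:space:]]*$key[[:space:]]*=.*|$key = $value|" "$ini"
    else
        cp "$ini" "$ini.bak"
        printf '%s = %s\n' "$key" "$value" >> "$ini"
    fi
}

# Print the effective value of an active directive (the last occurrence wins,
# as in PHP itself); commented-out lines are ignored.
get_php_limit() {
    grep -E "^[[:space:]]*$2[[:space:]]*=" "$1" | tail -n 1 | sed -E 's/^[^=]*=[[:space:]]*//'
}

# Convert a PHP shorthand size (100M, 2G, 512K, or plain bytes) to bytes.
to_bytes() {
    n=$(printf '%s' "$1" | sed -E 's/[KkMmGg]$//')
    case "$1" in
        *[Kk]) echo $((n * 1024)) ;;
        *[Mm]) echo $((n * 1024 * 1024)) ;;
        *[Gg]) echo $((n * 1024 * 1024 * 1024)) ;;
        *)     echo "$n" ;;
    esac
}

# Succeeds (exit 0) only when post_max_size >= upload_max_filesize; otherwise
# uploads of pcap files near the limit are dropped by PHP before the Xplico
# Interface sees them.
check_php_limits() {
    post=$(to_bytes "$(get_php_limit "$1" post_max_size)")
    upl=$(to_bytes "$(get_php_limit "$1" upload_max_filesize)")
    [ "$post" -ge "$upl" ]
}

# Apply the values from the post-install steps and verify them.
configure_for_xplico() {
    set_php_limit "$1" post_max_size 100M
    set_php_limit "$1" upload_max_filesize 100M
    check_php_limits "$1"
}

# Run with --apply (as root) to edit the real php.ini; Apache2 must still be
# restarted afterwards for the new limits to take effect.
if [ "${1:-}" = "--apply" ]; then
    configure_for_xplico /etc/php5/apache2/php.ini && \
        echo "php.ini updated; restart Apache2 to apply the new limits"
fi
```

If your captures are larger than 100M, raise both values together; check_php_limits will tell you if they have drifted apart.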

For optimal viewing of the web pages reconstructed by Xplico, set Firefox to use a proxy at localhost, port 9876. Embedded resources are then served from the data in the pcap files only, so the browser never goes to the Internet and never contacts the hosts that appear in the captured traffic.

Thanks to * for his help.

And now… enjoy.