Termshark in docker !!

May 10, 2021

Wireshark in a terminal …

Termshark is pretty cool utility https://termshark.io/, essentially wireshark in a terminal mode. It can be run in a docker container as shown and on kubernetes (coming up soon ;-).

Building a poc container

docker run -itd --privileged=true --net=host --name termshark ubuntudocker exec -it termshark bash

Please note the required --privileged flag, if not, you get some strange error messages. The --net=host flag allows you to capture the host network and see some host network related traffic.

Install the dependencies and binary

apt-get -y update
apt-get install net-tools
apt install -y termshark     #you need to answer some questions

Let’s try

termshark -i eth0

Voila …

Written by Philippe Bogaerts

189 Followers

#BruCON co-founder, #OWASP supporter, Application Delivery and Web Application Security, #Kubernetes and #container, #pentesting enthousiast, BBQ & cocktails !!

Recommended from Medium

Container-to-Container Communications in Kubernetes

Palash Goel

Container-to-Container Communications in Kubernetes

What is container ?

2 min readMay 9

Setting up BIND DNS for your Homelab using Docker

Justin Jones

Setting up BIND DNS for your Homelab using Docker

A step-by-step guide to configure a DNS server with Docker for your homelab environment.

4 min readMay 5

Lists

Coding & Development

11 stories195 saves

New_Reading_List

174 stories128 saves

Natural Language Processing

658 stories267 saves

Fsegredo

Docker best practices

TL: DR

6 min readJul 24

Austin P Blaise

Building Dockerfile

When building a container with dockerfile keep these in mind,

2 min read5 days ago

A person drowning asking for help with her arm up

Guilherme Pereira

Kubernetes “x509: certificate has expired or is not yet valid” error

This is going to be a short article and I want to write it because of the pain that it took me to fix this error.

4 min readMay 16

The differences between Docker, containerd, CRI-O and runc

Vineet Kumar

The differences between Docker, containerd, CRI-O and runc

Containers aren’t tightly coupled to the name Docker. You can use other tools to run containers

6 min readJun 24

See more recommendations

Help
Status
Writers
Blog
Careers
Privacy
Terms
About
Text to speech
Teams

Termshark in docker !!

Building a poc container

Install the dependencies and binary

Let’s try

Written by Philippe Bogaerts

More from Philippe Bogaerts

Advanced debugging in Kubernetes

Introduction

How to TCPdump effectively in Docker

NEW: Hands-on labs available https://cloudyuga.guru/hands_on_lab/tcpdump_docker.

Exploiting applications using liveness probes in Kubernetes

Introduction

Cilium mutual auth … DIY

Introduction

Recommended from Medium

Container-to-Container Communications in Kubernetes

What is container ?

Setting up BIND DNS for your Homelab using Docker

A step-by-step guide to configure a DNS server with Docker for your homelab environment.

Lists

Coding & Development

New_Reading_List

Natural Language Processing

Docker best practices

TL: DR

Building Dockerfile

When building a container with dockerfile keep these in mind,

Kubernetes “x509: certificate has expired or is not yet valid” error

This is going to be a short article and I want to write it because of the pain that it took me to fix this error.

The differences between Docker, containerd, CRI-O and runc

Containers aren’t tightly coupled to the name Docker. You can use other tools to run containers