Gather a trace using wireshark or tcpdump Open Wireshark Under Edit Tab - Find Packet To filter for string in the data of the packet, add Filter criteria, below a multicast address is used, then Search via packet details. Open the pcap in Wireshark and filter on bootp as shown in Figure 1. User-agent strings from headers in HTTP traffic can reveal the operating.
Active2 years, 4 months ago
I need to be able to search all tcp streams that contain a particular string, not just a particular packet. Something like:
tcp.stream contains 'string'
I need to do this in order to filter out all streams containing a certain string to get exactly what I'm looking for. My end goal filter would look something like this:
!(tcp.stream contains 'string I do not want')
Zach OgdenZach Ogden
![Wireshark find string in packet Wireshark find string in packet](/uploads/1/2/5/5/125519738/754276782.png)
1 Answer
the code is quite simple.
if you have other filter just use and,like
Shihe ZhangShihe Zhang1,15344 gold badges2121 silver badges4141 bronze badges