Finding Downloaded Files In .pcap File

ftp packet-analyzer

I am looking through a packet capture (.pcap) file, trying to find 4 files downloaded from an FTP server, but haven’t been able to find them. I have tried many online tools, but am unable to use Wireshark, tcpick, and tcpxtract. Any help would be awesome, or any other tools I can use to find them. I’m using Ubuntu Version 18.


You can use Wireshark. After installing Wireshark open the .pcap file in wireshark and follow the steps:

Filter ftp-data by typing in above pane and press enter.

Now Right click on FTP filter data stream showing and click Follow > TCP Stream

Now in the new window that open Change Show and save data as Raw click Save as... and save the file with your desired name.

Related

Does user `ubuntu` exist by default on Ubuntu
No Wireless When Install 14.04 on Macbook Pro
How to create wifi hotspot in Ubuntu 16.04 since AP-Hotspot is no longer working
How do I skip the Grub menu on a dual-boot system? [duplicate]
How to log all Bash commands by all users on a server?
How do you show FPS and ping in GW2?
Does Tree Tubing still work?
Does it matter if I open one or two doors? [duplicate]
Once a player is level 8, what happens to AP gained?
How can I protect my Cob Cannons?
My son/heir wants to join the Varangian Guard, should I let him?
Is there a limit to the amount of armor you can have?