Hey guys~ This is IRISnoir from Hackingarise. Bringing to you another tutorial. This time it’s about how we can observe phone-call packets using the ultimate network sniffer: Tshark.
Now, if you are unfamiliar with it then maybe you should check this out.
Now, let me explain how this works:
Take this scenario as an example. You wanna tease/scare your friend by sending them their location. But you will need their IP. That’s why you proceed to call them with an app that has its traffic UNENCRYPTED. Then when you call them, you can intercept the traffic and observe the packets. Thus finding their IP and additional info.
You must have Tshark set up first.
tsudo tshark --color
Then it will begin to sniff packets in the air.
Now what you need to do is to call your friend.
As you are calling, the system makes a ‘request’ to call the target.
Then, as the target approves the call and picks up. It sends a reply back. Keep that in mind. It will appear as a handshake reply.
Notice that at the source – destination part.
Let’s say your IP is 192.168.1.69
And your friend’s IP is 220.127.116.11
When the request packet is sent, it appear as something like this:
192.168.1.69 -> 18.104.22.168 WireGuard Handshake Request
And if your friend picks up, it appears as something like this:
22.214.171.124 -> 192.168.1.69 WireGuard Handshake Reply
Then you can extract the IP then track it.
Thank you for taking your time to read. If you find this helpful, why not share. Have a nice day. Remember, stay ethical as Hackingarise is not responsible for any of your malicious acts. Once again, thank you for reading and being a part of our community.