Skip to content

A Wireshark Dissector for the Medius protocol.

License

Notifications You must be signed in to change notification settings

hashsploit/medius-wireshark

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Medius Wireshark Dissector

Medius Wireshark Dissector

An Open Source Medius packet dissector for Wireshark.

Reference: https://wiki.hashsploit.net/PlayStation_2#Medius

Verified working on:

  • Linux Wireshark Version 3.2.3 (Git v3.2.3 packaged as 3.2.3-1)
  • Mac OS X Wireshark Version 3.4.9 (v3.4.9-0-g365e236f5efe)
  • Windows 7 Version 3.4.10 (v3.4.10-0-g733b3a137c2b)
  • Windows 10 Version 10.0.19043.1387 (v3.4.10-0-g733b3a137c2b) Note- For Win10 users, if you have your Wireshark Plugins directory mounted to a different drive make sure to Run as Adminstrator on Wireshark to properly accept the agreement!

Settings

You can enable Expert Info under Tools > Medius Wireshark Dissector > Toggle Expert Info.

You can also access the PlayStation 2 and PlayStation 3 reverse engineering wiki's directly from the toolbar: Tools > Medius Wireshark Dissector > Wiki ...

Requirements

The Medius Wireshark Dissector plugin requires Wireshark version 1.4 or newer. The plugin uses Wireshark's Lua scripting interface and runs on all platforms supported by Wireshark, provided the Lua interface has been enabled.

Installation

The plugin should be installed in your Wireshark Lua plugin directory.

You can find your Wireshark plugin directory by opening Wireshark and going to Help > About Wireshark and clicking on the Folders tab. The Personal Lua Plugins directory should be used to install the Medius Wireshark Dissector plugin.

You can install the plugin by cloning this repository into a directory named medius-wireshark in your Wireshark plugins folder.

If you run Mac or Linux you can use the ./install.sh script to install the plugin for you. Otherwise follow the steps below:

  1. If the path displayed as your Personal Lua Plugins directory doesn't exist, create it with mkdir -p <path>.
  2. Change to that directory with cd <path>
  3. Clone the repository with
git clone https://github.com/hashsploit/medius-wireshark.git

Mac & Linux Path: ~/.local/lib/wireshark/plugins Windows Path: C:\Users\%USERNAME%\AppData\Roaming\Wireshark\plugins\

Alternatively you can download the zip file and extract the contents of the medius-wireshark-master folder into a folder named medius-wireshark in your Wireshark Personal Lua plugins directory.

Running as root or admin: If you are running Wireshark as root or admin, you may need to enable support for Lua scripts by modifying your /etc/Wireshark/init.lua script and setting the runuser_scripts_when_superuser field to true.

run_user_scripts_when_superuser = true

Rather than running as root or admin, try enabling capture privileges for the user running Wireshark.

Uninstall

To uninstall the plugin, simply delete the medius-wireshark plugin folder or if you are on Mac or Linux run ./install.sh --uninstall.