Sunday, July 24, 2011

HOWTO : Solve Wireshark not loading on Back|Track 5

Back|Track 5 comes with Wireshark 1.6.1 as at July 24, 2011 (GMT +8). However, it does not load properly because a file, namely "libwsutil.so.0", is missing.

Therefore, we need to compile the latest SVN version of Wireshark from source. The current SVN version is 1.7.0-SVN-38173 at the time of this writing.

Step 1 :

Go to http://www.wireshark.org/download/automated/src/ to get the latest version of Wireshark. The latest version at the time of this writing is 1.7.0-SVN-38173.

*** Please note that the latest version as at July 25, 2011 is 1.7.0-SVN-38202.

apt-get update
apt-get install libtool flex libgtk2.0-dev lua50
apt-get install dpatch libc-ares-dev docbook-xsl libpcre3-dev libcap-dev libgnutls-dev libkrb5-dev liblua5.1-0-dev libsmi2-dev libgeoip-dev xsltproc automake1.9


Step 2 :

apt-get --purge remove wireshark

** There is no need to remove the previous Wireshark, so that the menu entry can remain unchanged.

Step 3 :

tar -xvjf wireshark-1.7.0-SVN-<LATEST_VERSION>.tar.bz2

cd wireshark-1.7.0-SVN-<LATEST_VERSION>

Step 4 :

./autogen.sh
./configure
make debian-package


Step 5 :

cd ..

If you have installed 64-bit Back|Track 5 :

dpkg -i wireshark-common_1.7.0_amd64.deb wireshark_1.7.0_amd64.deb tshark_1.7.0_amd64.deb

OR

If you have installed 32-bit Back|Track 5 :

dpkg -i wireshark-common_1.7.0_i386.deb wireshark_1.7.0_i386.deb tshark_1.7.0_i386.deb

Step 6 :

/usr/bin/wireshark
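
To confirm the missing "libwsutil.so.0" symptom before rebuilding, and to pick the Step 5 package names by architecture, the following is an added example and not part of the original post. The function names and the sample ldd output are constructed for illustration; it assumes ldd and dpkg are available.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Read ldd output on stdin and print the name of every shared library
# that the dynamic linker could not resolve, one per line.
missing_libs() {
    awk '/=> not found/ { print $1 }'
}

# Run the check against a real binary, e.g. check_binary /usr/bin/wireshark
check_binary() {
    ldd "$1" | missing_libs
}

# Print the three package files from Step 5 for the given architecture.
# Only the two architectures covered by the post are accepted.
deb_files() {
    case "$1" in
        amd64|i386)
            echo "wireshark-common_1.7.0_$1.deb wireshark_1.7.0_$1.deb tshark_1.7.0_$1.deb"
            ;;
        *)
            echo "unsupported architecture: $1" >&2
            return 1
            ;;
    esac
}

# Constructed sample of ldd output for the broken Wireshark binary.
SAMPLE_LDD='	linux-vdso.so.1 =>  (0x00007fff5a3ff000)
	libwiretap.so.1 => /usr/lib/libwiretap.so.1 (0x00007f1c2a000000)
	libwsutil.so.0 => not found
	libc.so.6 => /lib/libc.so.6 (0x00007f1c29c00000)'

# Parse the constructed sample instead of a live binary.
check_sample() {
    printf '%s\n' "$SAMPLE_LDD" | missing_libs
}

echo "sample ldd output is missing: $(check_sample)"

# Live use on Back|Track 5:
#   check_binary /usr/bin/wireshark        # before the rebuild: libwsutil.so.0
#   dpkg -i $(deb_files "$(dpkg --print-architecture)")
#   check_binary /usr/bin/wireshark        # after Step 5: no output expected
```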

That's all! See you.