Google’s Wireshark Dissectors for NFC

Earlier, I noticed that @hiro99ma had ReTweeted a post from @eggman stating the following:

欲しかったやつだ。Googleの作ってるね。 / “wireshark-nfc – NFC dissectors for Wireshark. – Google Project Hosting”http://htn.to/pRdVY8 

The Japanese text roughly means something like “Fellows wanted. People inside Google are making this”, from what I understand.

That aside, after cloning the Git repository into my local Wireshark SVN plugins directory, my initial attempt at building the code failed with:

However, I was quickly able to rectify the problem by exporting some environment variables:

export WIRESHARK_INCLUDE=$HOME/wireshark/
export WIRESHARK_LIB=$HOME/wireshark/lib/

Under my VirtualBox-based Ubuntu installation, the plug-in binary (nfc-wireshark.so) was installed in /home/tyson/.wireshark/plugins, after running make install again.

However, after starting Wireshark using sudo, it appears that the plug-in itself was undetected – since the aforementioned path isn’t the default plug-in search path for the root user.

When the dissector plug-in is unavailable, it is possible to open an LLCP trace file – but packets are displayed in a generic manner:

After moving the binary to /usr/local/lib/wireshark/plugins/1.7.2/, and restarting Wireshark, I was successfully able to dissect the packets in the example trace file:

Hopefully, Google will work with the upstream Wireshark developers in order to integrate this functionality into mainline, so that I can investigate integration of the NDEF payload dissector into my FeliCa and MiFare dissectors; and also see if it’s possible to integrate the main LLCP dissector with my NXP PN532 chipset-specific protocol one.

Advertisements
Explore posts in the same categories: Everything

Tags: , , , , , , , ,

You can comment below, or link to this permanent URL from your own site.

One Comment on “Google’s Wireshark Dissectors for NFC”


  1. Hi there! I’m the author of wireshark-nfc. I didn’t know about your dissectors; they look very interesting.

    I’d be happy to have your contributions, especially if you’d like to help get these merged into wireshark. Send a request on the google code page or send me an email (it’s there on google code) if you’re interested.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: