CyberDefenders released a new PCAP Analysis challenge (Acoustic) earlier today and I took sometime to dig into it. The challenge is focused on VoIP protocols (SIP, RTP, …) and requires the use of some network traffic analysis tools.
I have Wireshark on my machine, so I fired it up, loaded the PCAP file and started digging into the questions. I managed to solve all questions and learned an extremely cool feature in Wireshark which I am about to tell you about.
If you have a PCAP file that include network traffic of VoIP communication, you can listen to the audio using Wireshark. Let me show you step by step.
Open Wireshark and load your PCAP file
On the menu bar, go to the Telephony menu
In the Telephony menu, select SIP Flows
In the SIP Flows windows, select the flow you want to listen to and hit Play Streams
An RTP Player window will open, hit the play button and enjoy the music.