Listen To VoIP Calls in PCAP Files Using Wireshark

Ahmed Musaad
Ahmed Musaad
Listen To VoIP Calls in PCAP Files Using Wireshark

One question in CyberDefender's most recent challenge taught me something new. The question asked you to listen to the audio stream that can be found in the PCAP file to find the flag and claim the points. I never knew Wireshark supports doing this hence this TIL.

CyberDefenders released a new PCAP Analysis challenge (Acoustic) earlier today and I took sometime to dig into it. The challenge is focused on VoIP protocols (SIP, RTP, …) and requires the use of some network traffic analysis tools.

I have Wireshark on my machine, so I fired it up, loaded the PCAP file and started digging into the questions. I managed to solve all questions and learned an extremely cool feature in Wireshark which I am about to tell you about.


If you have a PCAP file that include network traffic of VoIP communication, you can listen to the audio using Wireshark. Let me show you step by step.

Open Wireshark and load your PCAP file

On the menu bar, go to the Telephony menu

In the Telephony menu, select SIP Flows

In the SIP Flows windows, select the flow you want to listen to and hit Play Streams

An RTP Player window will open, hit the play button and enjoy the music.

Great! Next, complete checkout for full access to Ahmed Musaad
Welcome back! You've successfully signed in
You've successfully subscribed to Ahmed Musaad
Success! Your account is fully activated, you now have access to all content
Success! Your billing info has been updated
Your billing was not updated