Listen To VoIP Calls in PCAP Files Using Wireshark

CyberDefenders released a new PCAP Analysis challenge (Acoustic) earlier today and I took sometime to dig into it. The challenge is focused on VoIP protocols (SIP, RTP, …) and requires the use of some network traffic analysis tools.

I have Wireshark on my machine, so I fired it up, loaded the PCAP file and started digging into the questions. I managed to solve all questions and learned an extremely cool feature in Wireshark which I am about to tell you about.

TIL

If you have a PCAP file that include network traffic of VoIP communication, you can listen to the audio using Wireshark. Let me show you step by step.

Open Wireshark and load your PCAP file

On the menu bar, go to the Telephony menu

In the Telephony menu, select SIP Flows

In the SIP Flows windows, select the flow you want to listen to and hit Play Streams

An RTP Player window will open, hit the play button and enjoy the music.