A quick guide to using Xplico for wireless investigations. Xplico analyzes a capture file taken from a suspect's wireless network and performs carving techniques to extract artifacts.
2. Linux OS
◦ Kali (used for this test)
◦ Backtrack
◦ Others will work too
Installed Applications
◦ Xplico
◦ Apache
CAPTURE file from suspect’s wireless
3. Open a terminal window and type:
/etc/init.d/apache2 start
17. Xplico offers quick and easy packet analysis.
Other data that can be extracted:
◦ RTP and SIP streams
◦ Emails
◦ Images
◦ And much more
Always a good idea to run other carving tools on the CAPTURE file
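
As a cross-check on what a carving tool reports, the following added example (not part of the original guide and not Xplico's own code) reassembles TCP streams from a capture file and carves JPEG images by signature. It assumes a classic little-endian pcap with Ethernet/IPv4 frames and does not handle sequence-number wraparound or gaps; the function names and the sample capture are constructed for illustration.

```python
import struct
from collections import defaultdict

SOI, EOI = b"\xff\xd8\xff", b"\xff\xd9"  # JPEG start/end markers

def tcp_streams(pcap):
    """Rebuild per-flow TCP byte streams from a classic little-endian pcap."""
    segs, off = defaultdict(dict), 24          # 24 = pcap global header
    while off + 16 <= len(pcap):
        incl = struct.unpack_from("<I", pcap, off + 8)[0]
        frame, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                           # keep only Ethernet/IPv4/TCP
        tcp = 14 + (frame[14] & 0x0F) * 4      # IPv4 header length varies
        ip_end = 14 + struct.unpack_from("!H", frame, 16)[0]
        sport, dport, seq = struct.unpack_from("!HHI", frame, tcp)
        payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:ip_end]
        if payload:                            # keyed by seq: retransmits collapse
            segs[(frame[26:30], sport, frame[30:34], dport)][seq] = payload
    return {f: b"".join(s[k] for k in sorted(s)) for f, s in segs.items()}

def carve_jpegs(stream):
    """Signature carving: every SOI..EOI span (embedded thumbnails end a span early)."""
    found, pos = [], 0
    while (start := stream.find(SOI, pos)) != -1:
        end = stream.find(EOI, start + 3)
        if end == -1:
            break                              # truncated image, nothing to emit
        found.append(stream[start:end + 2])
        pos = end + 2
    return found

def sample_pcap():
    """Constructed capture: one HTTP response whose two segments arrive out of order."""
    img = SOI + b"\xe0constructed-image-bytes" + EOI
    body = b"HTTP/1.1 200 OK\r\n\r\n" + img
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for seq, data in ((1025, body[25:]), (1000, body[:25])):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), 0, 0, 64, 6, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
        tcp = struct.pack("!HHIIBBHHH", 80, 50000, seq, 0, 0x50, 0x18, 8192, 0, 0)
        frame = b"\x00" * 12 + b"\x08\x00" + ip + tcp + data
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out, img

if __name__ == "__main__":
    pcap, img = sample_pcap()
    for flow, stream in tcp_streams(pcap).items():
        print(flow[1], "->", flow[3], [len(j) for j in carve_jpegs(stream)])
```

The sample splits the image across two segments stored in reverse order, so carving each packet on its own would miss it; only the reassembled stream yields the full image.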