You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After upgrading from 1.60 to 1.70 I can no longer see network interfaces on Wireshark.
Win10 21H2
Npcap 1.70
Wireshark 3.6.6 x64
Reverting back to 1.60 and having all 3 boxes ticked on the installer (restrict/support raw/API compatible) works as expected.
Installing 1.70 with Restrict Npcap driver's access disabled also works and shows interfaces in Wireshark
Seem there is a permission issue introduced between 1.60 and 1.70
The text was updated successfully, but these errors were encountered:
Thanks for the reports. We've been able to reproduce this issue as well and are planning to resolve it in an Npcap 1.71 release that we hope to make soon.
The issue only affects high-integrity processes (e.g. right-click and "Run as Administrator"). Ordinary processes (like running Nmap from an ordinary cmd.exe shell) will launch the NpcapHelper.exe process with UAC elevation, which then shares the Npcap device handle with the lower-integrity parent process. A workaround until the next release, therefore, is to avoid starting Npcap-using processes via the "Run as Administrator" dialog, but rather to let Npcap manage the elevation. This is also preferable generally, since it uses the least privilege necessary.
The issue only affects high-integrity processes (e.g. right-click and "Run as Administrator"). Ordinary processes (like running Nmap from an ordinary cmd.exe shell) will launch the NpcapHelper.exe process with UAC elevation, which then shares the Npcap device handle with the lower-integrity parent process. A workaround until the next release, therefore, is to avoid starting Npcap-using processes via the "Run as Administrator" dialog, but rather to let Npcap manage the elevation. This is also preferable generally, since it uses the least privilege necessary.
That doesn't seem to work when using Wireshark, at least not on my setup, when I start Wireshark as normal user, then I get 3 prompts for the UAC admin credentials when trying to start/use the helper, and then Wireshark still doesn't show interfaces.
After upgrading from 1.60 to 1.70 I can no longer see network interfaces on Wireshark.
Reverting back to 1.60 and having all 3 boxes ticked on the installer (restrict/support raw/API compatible) works as expected.
Installing 1.70 with Restrict Npcap driver's access disabled also works and shows interfaces in Wireshark
Seem there is a permission issue introduced between 1.60 and 1.70
The text was updated successfully, but these errors were encountered: