Hi there, Is there any way of NOT specifying a protocol when configuring Wireshark to automatically SSL decrypt (i.e. when adding the key to the RSA key list). I have a custom app that uses SSL to protect its connections, and I'd just like to decrypt the textual data that is passed. Instead, for now, I just put http, wireshark lists it as "Non-HTTP traffic" and it seems things get truncated... Thanks asked 16 Apr '12, 04:18  nafe |
One Answer:
Yes, you can use "data" as the protocol. Wireshark will then just show the decrypted data as hex data. Hmmm... thinking of this, it might be nice to have an "ascii" dissector that one can use if the decrypted protocol is ascii. You might want to file an enhancement request for it on http://bugs.wireshark.org if the data dissector does not provide the output you need. answered 16 Apr '12, 04:34  SYN-bit ♦♦ |
