Hi, I am trying to decrypt SSL IPv6 packets by supplying all the correct information (Full format of IPV6 address, the RSA key, port & protocol). But still I am seeing that the application data contained in the SSL record is still encrypted & not in decrypted format. The same works fine with IPv4 packets. I found the below link on the internet wherein other users too have brought this to notice, but unfortunately I am not able to find if this issue is resolved & if yes, then which version it was resolved. http://www.wireshark.org/lists/wireshark-bugs/200903/msg00279.html The version that I am using is as below: Version 1.8.0rc2 (SVN Rev 43337 from /trunk-1.8) Compiled (64-bit) with GTK+ 2.24.10, with Cairo 1.10.2, with Pango 1.30.0, with GLib 2.32.2, with WinPcap (4_1_2), with libz 1.2.5, without POSIX capabilities, with SMI 0.4.8, with c-ares 1.7.1, with Lua 5.1, without Python, with GnuTLS 2.12.18, with Gcrypt 1.4.6, without Kerberos, with GeoIP, with PortAudio V19-devel (built Jun 18 2012), with AirPcap. Running on 64-bit Windows 7 Service Pack 1, build 7601, with WinPcap version 4.1.2 (packet.dll version 4.1.0.2001), based on libpcap version 1.0 branch 1_0_rel0b (20091008), GnuTLS 2.12.18, Gcrypt 1.4.6, without AirPcap. Built using Microsoft Visual C++ 10.0 build 40219 asked 23 May '13, 01:55  Prabhat |
One Answer:
I've no idea whether it will fix your problem, but try upgrading to an actual release version of Wireshark. 1.8.7 is the current stable release, see the Download page for more options. The email you quote referenced Bug 3343 and that was closed as fixed in April 2011 so should have been in 1.8.0rc2 (released 6 Jun 2012). Can you post the contents of your ssl debug log (set in preferences for SSL) as a comment? answered 23 May '13, 02:38  grahamb ♦ |
