Hi! Please, help me!!! I can't decode XMPP packets. It's possible with wireshark? Thanks asked 16 Mar '14, 19:43  nataap edited 16 Mar '14, 20:01  Hadriel |
One Answer:
Yes, it decodes XMPP. It assumes the TCP port for it is 5222, so if your server is using a different port you'll need to tell wireshark to decode your particular TCP packets as XMPP by using the "Decode As" feature (either through the Analyze menu, or by right-clicking one of the packets you want it to decode as XMPP). And of course if your XMPP communication is over encrypted SSL/TLS, then wireshark can't decode that unless you give it the key info. answered 16 Mar '14, 20:04 Hadriel |
Thank you very much! I deactivated SSL/TLS on the OpenFire server and now i can see text of messages!
Where can I the key my client (pidgin) is using? It's likely to be impossible:
Unfortunately, this feature can only decrypt traffic that is transport-layer-encryted. If you have any traffic where encryption is implemented in the protocol itself (usually called "STARTTLS"), as with most SMTP or XMPP (Jabber) services, you can not decrypt the traffic like this at the moment.