This is our old Q&A Site. Please post any new questions and answers at

Hi! Please, help me!!! I can't decode XMPP packets. It's possible with wireshark? Thanks

asked 16 Mar '14, 19:43

nataap's gravatar image

accept rate: 0%

edited 16 Mar '14, 20:01

Hadriel's gravatar image


Yes, it decodes XMPP. It assumes the TCP port for it is 5222, so if your server is using a different port you'll need to tell wireshark to decode your particular TCP packets as XMPP by using the "Decode As" feature (either through the Analyze menu, or by right-clicking one of the packets you want it to decode as XMPP). And of course if your XMPP communication is over encrypted SSL/TLS, then wireshark can't decode that unless you give it the key info.

permanent link

answered 16 Mar '14, 20:04

Hadriel's gravatar image

accept rate: 18%

Thank you very much! I deactivated SSL/TLS on the OpenFire server and now i can see text of messages!

(17 Mar '14, 09:44) nataap

Where can I the key my client (pidgin) is using? It's likely to be impossible: Unfortunately, this feature can only decrypt traffic that is transport-layer-encryted. If you have any traffic where encryption is implemented in the protocol itself (usually called "STARTTLS"), as with most SMTP or XMPP (Jabber) services, you can not decrypt the traffic like this at the moment.

(23 Oct '14, 16:03) x-yuri
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 16 Mar '14, 19:43

question was seen: 11,623 times

last updated: 23 Oct '14, 16:08

p​o​w​e​r​e​d by O​S​Q​A