Hi all, first of all, I am very new to this so what i am about to ask could be stupid - i hope not tho. I am slef teaching. Anyway, I am trying to capture some traffic on my wifi from a messaging app I have installed and what it does is send the message to everyone using UDP. I can tell that the UDP packet contains the message as the packet size increases inline with the size of the message, but I dont know how to access the data to see the message within the UDP packet data section. - OR if it is encrypted and how I would tell what type? I cant tell if I am doing something wrong or it is a lack of knowledge on my part. Any help is appreciated. asked 01 Jan '17, 16:06  newshark |
One Answer:
Wireshark can show you what the packet data is, and if it knows the protocol used and has the required parameters, it is able to dissect that data. So it seems that Wireshark doesn't know the protocol of this messaging app, or doesn't have the required decryption parameters to decrypt it. Either way, that knowledge has to come from elsewhere, this information is not contained in the network data. answered 02 Jan '17, 02:31  Jaap ♦ |
