This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi all,

first of all, I am very new to this so what i am about to ask could be stupid - i hope not tho. I am slef teaching.

Anyway, I am trying to capture some traffic on my wifi from a messaging app I have installed and what it does is send the message to everyone using UDP. I can tell that the UDP packet contains the message as the packet size increases inline with the size of the message, but I dont know how to access the data to see the message within the UDP packet data section. - OR if it is encrypted and how I would tell what type?

I cant tell if I am doing something wrong or it is a lack of knowledge on my part.

Any help is appreciated.

asked 01 Jan '17, 16:06

newshark's gravatar image

newshark
6112
accept rate: 0%


Wireshark can show you what the packet data is, and if it knows the protocol used and has the required parameters, it is able to dissect that data. So it seems that Wireshark doesn't know the protocol of this messaging app, or doesn't have the required decryption parameters to decrypt it. Either way, that knowledge has to come from elsewhere, this information is not contained in the network data.

permanent link

answered 02 Jan '17, 02:31

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×166

question asked: 01 Jan '17, 16:06

question was seen: 2,403 times

last updated: 02 Jan '17, 02:31

p​o​w​e​r​e​d by O​S​Q​A