Hi all... I'm analyzing a home-grown application that uses SSL. I do not have the Private Key, so there is no way to isolate requests and responses, except for identifying where the "Application Data" changes direction. I can do that manually, and I often do for small-ish captures. But I'm now looking at a ~1600-packet capture (1 TCP connection), and it would be helpful if I could determine how many application turns occur in this connection. I thought I saw some Wireshark screen, at some point, that tallied Application Turns. For the life of me, I cannot find such a screen now. Was I dreaming? Or, does Wireshark calculate App Turns and make it available somewhere. Thx!! feenyman99 asked 01 Feb '17, 13:07  feenyman99 |
One Answer:
Take a look at a plugin called TRANSUM. See https://community.tribelab.com/course/view.php?id=9 Best regards...Paul answered 04 Feb '17, 23:08  PaulOfford |
If you are referring to the code than this open link to the Wireshark code would be more appropriate than a login required site.
@Jaap Good point re the Wireshark code. The only problem is that feenyman99 would have to run a dev version of Wireshark to get TRANSUM. Whichever way he goes, the documentation on TribeLab accurately describes TRANSUM and is accessible without login.
Registering on TribeLab for access to the transum.dll or transum.lue plugin is completely free.