This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hello, I am trying to understand the communication protocol of whatsapp for research reasons. I have been capturing the data from my android device and I have a question regarding the protocol laying on top of TCP.

I know that wireshark uses XMPP protocol which indeed I can see in my pcap. However, there are two cases where Whatsapp uses SSL.

  1. When the application tries to contact the service ppt.whatsapp.com then it uses the normal SSL (including handshakes and everythign)
  2. Sometimes the applications when contacting one of the normal serves e.g e10.whatsapp.com starts using the SSL protocol and WireShark returns the "Continuation Data"

Is the choice of the protocol random some times or am I missing something here? I have already googled around but was unable to find something specific about the Whatsapp protocl.

Thanks!

asked 03 Mar, 05:31

MikeXe's gravatar image

MikeXe
6112
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×238
×124
×34
×9

question asked: 03 Mar, 05:31

question was seen: 599 times

last updated: 03 Mar, 05:31

p​o​w​e​r​e​d by O​S​Q​A