This is our old Q&A Site. Please post any new questions and answers at

Hello, I am trying to understand the communication protocol of whatsapp for research reasons. I have been capturing the data from my android device and I have a question regarding the protocol laying on top of TCP.

I know that wireshark uses XMPP protocol which indeed I can see in my pcap. However, there are two cases where Whatsapp uses SSL.

  1. When the application tries to contact the service then it uses the normal SSL (including handshakes and everythign)
  2. Sometimes the applications when contacting one of the normal serves e.g starts using the SSL protocol and WireShark returns the "Continuation Data"

Is the choice of the protocol random some times or am I missing something here? I have already googled around but was unable to find something specific about the Whatsapp protocl.


asked 03 Mar '17, 05:31

MikeXe's gravatar image

accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 03 Mar '17, 05:31

question was seen: 1,934 times

last updated: 03 Mar '17, 05:31

p​o​w​e​r​e​d by O​S​Q​A