This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Whatsapp application protocol usage

0

Hello, I am trying to understand the communication protocol of whatsapp for research reasons. I have been capturing the data from my android device and I have a question regarding the protocol laying on top of TCP.

I know that wireshark uses XMPP protocol which indeed I can see in my pcap. However, there are two cases where Whatsapp uses SSL.

  1. When the application tries to contact the service ppt.whatsapp.com then it uses the normal SSL (including handshakes and everythign)
  2. Sometimes the applications when contacting one of the normal serves e.g e10.whatsapp.com starts using the SSL protocol and WireShark returns the "Continuation Data"

Is the choice of the protocol random some times or am I missing something here? I have already googled around but was unable to find something specific about the Whatsapp protocl.

Thanks!

asked 03 Mar '17, 05:31

MikeXe's gravatar image

MikeXe
6112
accept rate: 0%