I would like to extract data from a frame. For example, a frame has SSL data (Non-ssl from malware). How would I extract that data using tshark. Thx. asked 26 Jan '12, 08:09  wshk_newb |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
I would try Splitcap. I have a video on how to use it at http://www.lovemytool.com/blog/2012/01/using-splitcap-to-help-analyze-your-wireshark-trace-files-by-tony-fortunato.html or http://tinyurl.com/6odr3m5