Implementing an SSH decryption plugin
Hi all, I am currently working on a decryption tool for SSH. I have already implemented the tool and it works fine, but now I want to add it to Wireshark, which means I want to extend the SSH preferences menu so that I can add the keys and then use them together with my tool. All the tutorials I found are only for adding a dissector to Wireshark, and none of them seems to cover my problem... Do you maybe have an idea where I could start? Cheers!
Hello Justplayin, if you are working on SSH decryption, I am interested in knowing more, discussing ideas, and sharing knowledge. Please take a look at the Wireshark wiki page: https://wiki.wireshark.org/SSH. Do you have another version of the code including the new plugin? I understand that at the current moment / in the current version it is not possible.
Hello xinxolHH, the decryption only works if you are inside a virtual environment and are using some tools to extract the necessary keys from memory. I already had a look at the wiki, but there is not much about a possible plugin, or a place where I could start.