Ask Your Question
0

how to decode/decrypt udp packet data

asked 2021-01-02 15:23:28 +0000

wireshark_help_me gravatar image

it's in the subject name ^

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2021-01-02 17:34:50 +0000

Jaap gravatar image

This all starts by knowing the protocol used to encode the UDP packet data. If the protocol is known to Wireshark you can use the 'Decode as' feature to direct the data towards it. If not known to Wireshark this could be added by programming a dissector for it.

edit flag offensive delete link more

Comments

What's best way for programming a dissector?

wireshark_help_me gravatar imagewireshark_help_me ( 2021-01-03 02:19:05 +0000 )edit

to read this stuff: https://www.wireshark.org/docs/wsdg_h... anything you need to begin you will find there. In your wireshark folder there is also a tool which generates a skeleton code for you if you want to develop the dissector in c

Robin26689 gravatar imageRobin26689 ( 2021-01-29 06:40:33 +0000 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2021-01-02 15:23:28 +0000

Seen: 13,459 times

Last updated: Jan 02 '21

Related questions

Why would I be getting "LEN 1 (Malformed Packet)"... "(Malformed Packet: RTCP)" on UDP Packets

How to get TLSv1.2 to decode

My UDP packets aren't showing

Problems decoding BLE capture from another Wireshark program

Monitoring UDP data on wireshark shows ARP packet

How do I use the fragment_add_seq_check function in UDP packet reassembly?

Is it possible to use reassembly on non-split packets?

How do I dissect packets if the dissection depends on information from earlier packets?

What is the udp.length display filter actually for?

IO Graph: Plot ICMP response time