Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

Extracting decrypted QUIC packets in raw format, with decrypted payload.


I'm working on some research for my master's thesis that requires me to capture some raw QUIC packets and save their raw representation to a file, so I can fuzz a protocol implementation. I've been able to capture traffic, load the sslkeylog file into wireshark, and then see the decrypted packets with their content. What I would ultimately like to do now, is save all decrypted packets in a raw (hex/binary), including the decrypted payload, in a raw/binary format to a file. I see that I can use the option "Export packet dissections", but that gives me the packets in the format that Wireshark shows them in the UI.

Normally for unencrypted protocols I'd: right click packet -> Follow <protocol> stream -> Show data as "raw" -> Copy the content to a file.

These steps allow me to save the raw packets (both header and payload) to a file. This gives me full control over the packets and allows me to modify the exact contents before sending them over the net. In this case I'd like to directly modify the headers and payload (fuzzing, basically) to then afterwards encrypt the packet and send it to the server.

Is there an easy or straight-forward way to export the QUIC packets (with decrypted content) in a raw/binary format, to a file?