OSQA is unmaintained. Help us figure out where to go from here.

I have a pcap of websocket traffic . how can i see clear payload meaning after deflat masking .... actually i have a couple of question but first a bit of info i can see that both client and server agree on the flag premessage-deflate in addition the client sent client_max_window_bits without number (i assume by default its 32k window right???) another info : some of the packets are masked

additional question : do you do the decompression after unmasking the payload or after ? what octets do you decompress (i assume everything after the websocket header)? before decompressing do i need to add decompressing headers like 0x78 0x01 ? do you know any python library that can do it for me ?

thanks

asked 18 May, 13:57

saeedh's gravatar image

saeedh
21225
accept rate: 0%

Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×7
×6
×2

question asked: 18 May, 13:57

question was seen: 45 times

last updated: 18 May, 13:57

p​o​w​e​r​e​d by O​S​Q​A