Ask Your Question

JustPlayin's profile - activity

2023-01-16 11:04:19 +0000 received badge  Popular Question (source)
2019-07-31 04:44:07 +0000 edited question How to change content of follow TCP stream

How to change content of follow TCP stream Hi All, I am currently writing a plugin to decrypt SSH using virtual machine

2019-07-31 04:44:05 +0000 received badge  Editor (source)
2019-07-31 04:44:05 +0000 edited question How to change content of follow TCP stream

How to change content of follow TCP stream Hi All, I am currently writing a plugin to decrypt SSH using virtual machine

2019-07-23 06:07:53 +0000 asked a question How to change content of follow TCP stream

How to change content of follow TCP stream Hi All, I am currently writing a plugin to decrypt SSH using virtual machine

2019-07-18 05:44:24 +0000 marked best answer How to access new key files in the SSH preferences.

Hi all,

I would like to decrypt SSH using Wireshark. For this purpose, I want to add four new fields in the class packet-ssh.c in the function proto_register_ssh(void). Using, for example, the function prefs_register_string_preference(). My question is now. After the user has entered these keys in the new fields, pressed "Ok" and started the capturing of SSH packets, how can I get the entered values later on for example in the ssh_dissect_ssh2() function in packet-ssh.c class? Thanks a lot in advance!

2019-07-17 17:41:21 +0000 asked a question How to access new key files in the SSH preferences.

How to access new key files in the SSH preferences. Hi all, I would like to decrypt SSH using Wireshark. For this purpo

2019-07-12 11:08:45 +0000 commented answer Wireshark Debug. Where packet data is stored?

Ah shit! Ok Thanks a lot :)

2019-07-12 11:04:37 +0000 marked best answer Wireshark Debug. Where packet data is stored?

I am currently debugging Wireshark to find out the field in which the SSH packet data is stored. I have my breakpoint in the function:

ssh_dissect_ssh2(tvbuff_t *tvb, packet_info *pinfo, struct ssh_flow_data *global_data, int offset, proto_tree *tree, int is_response, gboolean *need_desegmentation)

Can someone of you tell me where the data is stored? I cannot find it...

2019-07-12 11:04:37 +0000 received badge  Scholar (source)
2019-07-12 10:46:14 +0000 commented answer Wireshark Debug. Where packet data is stored?

Thanks a lot. I tried it as you said but unfortunately I only get this error: "Warn Dissector bug, protocol SSH, in pack

2019-07-12 10:01:48 +0000 commented answer Wireshark Debug. Where packet data is stored?

Ok. First thanks for your information. That's really helpful! Just for clarification, I try to get the real_data out of

2019-07-12 09:30:38 +0000 commented answer Wireshark Debug. Where packet data is stored?

Ok. First thanks for your information. That's really helpful! Just for clarification, I try to get the real_data out of

2019-07-12 08:09:27 +0000 commented answer Wireshark Debug. Where packet data is stored?

And as size do I take the size of the struct? so sizeof(tvb)?

2019-07-11 10:28:08 +0000 commented answer Wireshark Debug. Where packet data is stored?

Offset to the real_data field.

2019-07-11 07:50:42 +0000 commented answer Wireshark Debug. Where packet data is stored?

Thanks grahamb. It is somehow possible to access the fields of this structure? Since when I try, I get an error that the

2019-07-11 07:50:05 +0000 commented answer Wireshark Debug. Where packet data is stored?

Thanks grahamb. It is somehow possible to access the fields of this structure? Since when I try, I get an error that the

2019-07-11 06:21:50 +0000 commented answer Wireshark Debug. Where packet data is stored?

Thanks grahamb. It is somehow possible to access the fields of this structure? Since when I try, I get an error that the

2019-07-10 06:43:12 +0000 asked a question Wireshark Debug. Where packet data is stored?

Wireshark Debug. Where packet data is stored? I am currently debugging Wireshark to find out the field in which the SSH

2019-07-05 08:15:45 +0000 commented question Implementing a SSH decryption plugin

Hello xinxolHH, the decryption only works, if you are inside a virtual environment and are using some tools to extract t

2019-07-04 05:55:09 +0000 asked a question Implementing a SSH decryption plugin

Implementing a SSH decryption plugin Hi all, I am currently working on a decryption tool for SSH. I already have impleme