Project: sniffitzt - a wow logging proxy [Bug Tracker]
Bug #320 [CLOSED]
Reason: Won't implement
| Vital Bug Details | |
|---|---|
| Summary: Plugin for Wireshark | |
| Severity: Very Low | |
| Status: | Priority: Low |
| Assigned to: Nobody | Percent Complete: 0% |
| Bug Reporter | |
| Reported by: Anonymous (on Tuesday, 17 March 2009, 01:05PM (17/03/2009)) | |
| Bug Details | |
| I was thinking about a plugin for the network sniffer Wireshark. The macro to decrypt the network traffic is not needed anymore, so I think it should be possible to decrypt the traffic offline. Might be wrong, but a decrypter in Wireshark would be nice. | |
Comments
Comment by: mknjc | Posted: Tuesday, 17 March 2009, 06:20PM (17/03/2009)
First:
It's a bit tricky to connect the C app Wireshark and the Java app Sniffitzt.
But Wireshark uses Pcap (under Windows, WinPcap) for traffic logging...
There is a very fine Java lib to connect to these libraries: JPcap
I already started to implement something, but as I see... In 3.1.0 the encryption changes and we can't decrypt off-stream.
So no external listening; we have to be on-stream to break the encryption... so I give up the system...
Comment by: arrai | Posted: Sunday, 22 March 2009, 09:41AM (22/03/2009)
Yes, with 3.1.0 it is nearly impossible. As mentioned here (http://arrai.wordpress.com/2009/03/07/rc4-encryption-in-310-client/), you can calculate the required keys, but this will require a lot of time :)