Wireshark mailing list archives
Re: WIRESHARK AND CAMFROG CHAT SYSTEM
From: Martin Visser <martinvisser99 () gmail com>
Date: Sun, 10 Oct 2010 17:07:29 +1100
Joseph, If you want to build a display filter, probably the best bet is to use the "Expression" button near filter entry box and use that to guide you. TCP port display filters will look something like "tcp.port == 1234" (which include TCP port 1234 as both source or destination port). You can specify these exactly with "tcp.srcport ==1234" or "tcp.dstport == 1234". A range could be specified as "tcp.port >= 6000 && tcp.port <= 10000". You can also specifiy "udp' in the same way. While this will help isolate the traffic (from other traffic on your network) it doesn't necessarily make your job easier. From a look via Google, it seems that a number of researchers have had a go at trying to decode it, but like any other proprietary and obscure protocol, the job seems pretty difficult when you are only reverse engineering. To be honest unless you are already familiar with how other well know protocols like say HTTP, SSL or RTP work, you are probably facing an uphill job unless you are prepared to put in some long hours. Regards, Martin MartinVisser99 () gmail com On Sun, Oct 10, 2010 at 3:36 PM, Joseph Johnson <xbetas () b2b2c ca> wrote:
[image: Cliquez-moi!]<http://www.incredimail.com/app/?tag=display_picture_click_me_re&lang=12&version=6224750&setup_id=12000007&aff_id=102&addon=IncrediMail&upn=e5c157cd-4b59-45c9-97d2-e818d7a5976e> I DONT KNOW HOW THAT WORK BUT WHEN I TRY WIRESHARK WHEN ITS SNIFF THE NETWORK I DONT SEE LIKE FILTERS WORDS WHEN I (IM) PEOPLE I LIKE ENCRYPTED WHEN I AM CONNECTING ONT THE CHATSYSTEME I SEE IP BUT I CAN FIND NOTHING ALL ABOUT WHAT AM SEARCHING ONT WIRESHARK CAN SOME ONE SEND ME A FILTER ALL ABOUT WHAT I HAVE MAKE HERE WITH THE TCP AND UDP BEGIN AND END CAN SOME ONE SEND ME A EXAMPLE OFF EXPRESSION FILTER CAMFROG SERVER SETTING SERVER LISTENING TCP PORT: 6005 TCP RANGE BEGIN: 6000 TCP RANGE END: 10000 UDP RANGE BEGIN: 5000 UDP RANGE END: 15000 [image: Animations GRATUITES pour votre messagerie - par IncrediMail! Cliquez ici!]<http://www.incredimail.com/?id=605280&rui=131237960&sd=20101010> ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- WIRESHARK AND CAMFROG CHAT SYSTEM Joseph Johnson (Oct 09)
- Re: WIRESHARK AND CAMFROG CHAT SYSTEM Martin Visser (Oct 09)
- Re: WIRESHARK AND CAMFROG CHAT SYSTEM David H. Lipman (Oct 10)