Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 5899] New: Most edonkey packets cannot be dissected because of the Protocol Ob

Wireshark-bugs: [Wireshark-bugs] [Bug 5899] New: Most edonkey packets cannot be dissected becaus

Date: Sun, 8 May 2011 08:57:42 -0700 (PDT)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5899

           Summary: Most edonkey packets cannot be dissected because of
                    the Protocol Obfuscation
           Product: Wireshark
           Version: SVN
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: xiaoxiangquan@xxxxxxxxx


Created an attachment (id=6301)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=6301)
a real capture from downloading, 95% of the packets cannot be dissected

Build Information:
Version 1.5.1 (SVN Rev 36407 from /trunk)

Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.4, with GLib 2.28.6, with libpcap 1.1.1, with
libz 1.2.3.4, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, without Python, without GnuTLS, without
Gcrypt, without Kerberos, without GeoIP, without PortAudio, without AirPcap.

Running on Linux 2.6.38-8-generic, with libpcap version 1.1.1, with libz
1.2.3.4.

Built using gcc 4.5.2.
--
Since long ago emule/amule has applied Protocol Obfuscation, see:
http://wiki.emule-web.de/index.php/Protocol_obfuscation
Or the related amule source code: amule/src/Encrypted*.*

I'm trying to add this feature to /epan/dissectors/packet-edonkey.c by store
client id and verify key, they are needed when decrypt. But it doesn't work
well until now.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

Follow-Ups:
- [Wireshark-bugs] [Bug 5899] Most edonkey packets cannot be dissected because of the Protocol Obfuscation
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 5899] Most edonkey packets cannot be dissected because of the Protocol Obfuscation
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 5899] Most edonkey packets cannot be dissected because of the Protocol Obfuscation
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 5899] Most edonkey packets cannot be dissected because of the Protocol Obfuscation
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 5893] VTP dissector enhancement to recognize VTP Join/Prune messages (patch included)
Next by Date: [Wireshark-bugs] [Bug 5899] Most edonkey packets cannot be dissected because of the Protocol Obfuscation
Previous by thread: [Wireshark-bugs] [Bug 5756] Wireshark probably should have an Installer package rather than be drag-install
Next by thread: [Wireshark-bugs] [Bug 5899] Most edonkey packets cannot be dissected because of the Protocol Obfuscation
Index(es):
- Date
- Thread