https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5899
Summary: Most edonkey packets cannot be dissected because of
the Protocol Obfuscation
Product: Wireshark
Version: SVN
Platform: Other
OS/Version: All
Status: NEW
Severity: Major
Priority: Low
Component: Wireshark
AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
ReportedBy: xiaoxiangquan@xxxxxxxxx
Created an attachment (id=6301)
--> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=6301)
a real capture from downloading, 95% of the packets cannot be dissected
Build Information:
Version 1.5.1 (SVN Rev 36407 from /trunk)
Copyright 1998-2011 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Compiled (64-bit) with GTK+ 2.24.4, with GLib 2.28.6, with libpcap 1.1.1, with
libz 1.2.3.4, without POSIX capabilities, without libpcre, without SMI, without
c-ares, without ADNS, without Lua, without Python, without GnuTLS, without
Gcrypt, without Kerberos, without GeoIP, without PortAudio, without AirPcap.
Running on Linux 2.6.38-8-generic, with libpcap version 1.1.1, with libz
1.2.3.4.
Built using gcc 4.5.2.
--
Since long ago emule/amule has applied Protocol Obfuscation, see:
http://wiki.emule-web.de/index.php/Protocol_obfuscation
Or the related amule source code: amule/src/Encrypted*.*
I'm trying to add this feature to /epan/dissectors/packet-edonkey.c by store
client id and verify key, they are needed when decrypt. But it doesn't work
well until now.
--
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.