Has anybody had any success decrypting ESP payloads with Wireshark or
tcpdump?
I am trying to decrypt some ping packets (attached) that have been
encrypted with 3DES/SHA1 with the PSK being "hello". I get an error in
my terminal that says "ESP Preferences: Error in encryption algorithm
3des-cbc: Bad Keylen <40 bits>"
From what I can tell, I only know my PSK, so I'm not sure what Wireshark
is expecting for my encryption key/authentication key. I tried it in
tcpdump as well with no luck.
Please let me know if anyone has had success with this.
Thank you much,
Mathis
PS. I'm using Wireshark 0.99-r2 w/ libgcrypt and the traffic is from a
NetScreen VPN.
Attachment:
esp-icmps-3des-sha1.pcap
Description: Binary data
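
An added example, not part of the original post: the five ASCII bytes of "hello" are 40 bits, the length in the error above, while 3des-cbc takes a 192-bit key and HMAC-SHA1 a 160-bit key. The sketch below assumes the tunnel was negotiated with IKEv1 (RFC 2409) using pre-shared-key authentication and HMAC-SHA1 as the prf, and shows how the per-SA ESP keys are derived from the PSK together with session values; every session value in it is constructed, none comes from the attached capture.

```python
import hashlib
import hmac

# Key lengths in bytes for the two transforms named in the post.
KEY_LEN = {"3des-cbc": 24, "hmac-sha1-96": 20}   # 192 and 160 bits


def prf(key: bytes, data: bytes) -> bytes:
    # IKEv1 prf when SHA-1 is the negotiated hash (assumed here): HMAC-SHA1.
    return hmac.new(key, data, hashlib.sha1).digest()


def key_shortfall(transform: str, key: bytes) -> int:
    """Bits missing from `key` for `transform` (0 means the length fits)."""
    return max(0, KEY_LEN[transform] * 8 - len(key) * 8)


def esp_keys(psk, ni1, nr1, g_xy, cky_i, cky_r, spi, ni2, nr2):
    """RFC 2409 key derivation (PSK auth, quick mode without PFS), one SPI."""
    skeyid = prf(psk, ni1 + nr1)                            # phase 1 nonces
    skeyid_d = prf(skeyid, g_xy + cky_i + cky_r + b"\x00")
    seed = b"\x03" + spi + ni2 + nr2                        # 3 = PROTO_IPSEC_ESP
    need = KEY_LEN["3des-cbc"] + KEY_LEN["hmac-sha1-96"]
    block, keymat = b"", b""
    while len(keymat) < need:                               # K1 | K2 | K3 ...
        block = prf(skeyid_d, block + seed)
        keymat += block
    # Encryption key comes from the leading bytes, authentication key follows.
    enc = keymat[:KEY_LEN["3des-cbc"]]
    return enc, keymat[len(enc):need]


# Constructed session values, not taken from the attached capture.
SESSION = dict(
    psk=b"hello",
    ni1=bytes(range(16)), nr1=bytes(range(16, 32)),
    g_xy=hashlib.sha256(b"constructed DH shared secret").digest() * 4,
    cky_i=b"\x11" * 8, cky_r=b"\x22" * 8,
    spi=bytes.fromhex("0a0b0c0d"),
    ni2=bytes(range(32, 48)), nr2=bytes(range(48, 64)),
)

if __name__ == "__main__":
    print("PSK short by", key_shortfall("3des-cbc", SESSION["psk"]), "bits")
    enc, auth = esp_keys(**SESSION)
    print("encryption key    ", enc.hex())
    print("authentication key", auth.hex())
```

The Diffie-Hellman shared secret never crosses the wire, so the PSK and a capture alone are not enough to compute these keys.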