Hi,
I don't know why you need this but the most definite way to do it is
patch dissect_packet in epan/packet.c. Just insert the line
int i; for (i=0; i<fd->cap_len; i++) pd[i] ^= YOUR_VALUE_HERE;
before the call to tvb_new_real_data() and recompile Wireshark.
This will XOR all packet data of all packets before dissection.
I assume that is what you're aiming for ?
Thanx,
Jaap
Owens, Neil wrote:
Hi all
I'm up against it here and just need to (simply?) XOR all packet data
with a HEX value. I just don't know enough about Wireshark to be able
to do this . While I'm not asking for a complete solution could someone
point me at something a little more specific than the Wireshark Users
manual and possibly hold me hand a little?
Many thanks in advance
Neil