Hi,
this is basically a repetition of what I asked on freenode#wireshark,
but I can't be online too much longer, so the question here again.
I have a dump containing TLS records. I now want to extract the size of
each tls record. I do NOT want to decrypt the traffic.
I filtered the dumps I have by "tcp contains 17:03:01" to get those
packets containing headers of tls application records.Now I would love
to know the size of each tls application record. This would mean to know
the next two bytes after the 17:03:01.
So, how could I do that with Wireshark, or: which program/script could I
use in which way to get the information I'd like to have?
As I want to extract that information later by using a script, how would
I automatize the steps filtering and extracting the size information?
Thanks in advance,
Dominik