Wireshark-users: Re: [Wireshark-users] Reassemble HTTP GET Method

From: David Alanis <canito@xxxxxxxx>
Date: Thu, 20 Oct 2011 22:06:33 -0500
Quoting Zaki Akhmad <zakiakhmad@xxxxxxxxx>:

Hello,

I am conducting analaysis on a web application. This web app, using
HTTP GET method. With HTTP GET method this web app sent a .key file
with its path.

I am trying to reassemble this .key file. Is it possible to do this?
Need hints here.

I've followed some resources on wireshark wiki on reassemble a jpeg
file[1] with its pcap file[2]

[1]http://wiki.wireshark.org/TCP_Reassembly
[2]http://wiki.wireshark.org/SampleCaptures?action=AttachFile&do=view&target=http_with_jpegs.cap.gz

Thanks!
--
Zaki Akhmad
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe


Hey Zaki-

What do you mean by reassemble the .key file?

Its late here so the only thing that comes to mind is extract the whole .key file?

If that is what you meant? Check out the two videos at this link this young man put together which should help.

http://evilrouters.net/2009/07/13/even-quicker-packet-capture-data-extraction-using-wireshark/

Cheers-

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.