Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problem with reading packets in LLC protocol encryption / encoding


  • Please log in to reply
No replies to this topic

#1 eyal360

eyal360

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 19 December 2016 - 04:38 AM

Hi,

 

Im using an IP based messaging app called netcat on linux terminal. I can send messages directly to a computers IP and receive back in a way its not encrypted, as shown below:

 

withoutarp.jpg

 

but when Im sniffing the packets from a third computer ( on my own WLAN ) im getting them in LLC protocol instead of TCP and I cant see the data (I think its encrypted or scrambled ) as shown below:

 

all_packets.jpg

 

packet_149.jpg

 

Any idea whats the problem? or how can I extract the data? I tried ASCII, UNICODE and Hex translation to string nothing worked.

 

Here is the Hex pcap file for wireshark on GoogleDrive, I hope someone could help me with this issue.
https://drive.google.com/open?id=0B4dE5ujOQI6RdENRclc0TDhlNzA



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users