[CryptoParty] visualizing http traffic
Yuval Adam
yuv.adm at gmail.com
Fri May 17 22:03:52 GMT 2013
I think tcpdump should have some way of uncompressing gzip'd content, either with -z flag or piping through gzip to a file, but both methods are flaky.
Wireshark handles this stuff transparently, and would be definitely be the easier way to do this demo.
You also get nice packet visualization for free.
- Yuval
On Friday, May 17, 2013 at 11:24 PM, ml at enteig.net wrote:
> Hi,
>
> I know that Julian and Danja did some traffic sniffing at past
> cryptoparties to show the difference between plain-text and encrypted
> traffic.
>
> Now I want to recreate something like that, but my problem is that most
> of HTTP traffic is indeed not encrypted, but compressed. So when I run
> something like
>
> # tcpdump -i wlan0 -s 0 -A -nn 'host localhost and (tcp port 80) or
> (tcp port 443)'
>
> I can see the HTTP requests, but the pages contents are as illegible as
> anything else.
>
> So is there an easy way to change that (and maybe even add a little
> color to the output)?
>
>
> Sincerely,
>
> Malte
> _______________________________________________
> CryptoParty mailing list
> CryptoParty at kuix.de (mailto:CryptoParty at kuix.de)
> https://kuix.de/mailman/listinfo/cryptoparty
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cryptoparty.is/pipermail/global/attachments/20130518/3f6b3765/attachment.html>
More information about the global
mailing list