[CryptoParty] visualizing http traffic
yuv.adm at gmail.com
Fri May 17 22:03:52 GMT 2013
I think tcpdump should have some way of uncompressing gzip'd content, either with -z flag or piping through gzip to a file, but both methods are flaky.
Wireshark handles this stuff transparently, and would be definitely be the easier way to do this demo.
You also get nice packet visualization for free.
On Friday, May 17, 2013 at 11:24 PM, ml at enteig.net wrote:
> I know that Julian and Danja did some traffic sniffing at past
> cryptoparties to show the difference between plain-text and encrypted
> Now I want to recreate something like that, but my problem is that most
> of HTTP traffic is indeed not encrypted, but compressed. So when I run
> something like
> # tcpdump -i wlan0 -s 0 -A -nn 'host localhost and (tcp port 80) or
> (tcp port 443)'
> I can see the HTTP requests, but the pages contents are as illegible as
> anything else.
> So is there an easy way to change that (and maybe even add a little
> color to the output)?
> CryptoParty mailing list
> CryptoParty at kuix.de (mailto:CryptoParty at kuix.de)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the global