How to decode gzip/chunked captured packets


Vivek Singh

Apr 17, 2012, 3:31:08 PM
to null-...@googlegroups.com
Hi All,

I have captured some TCP packets using Wireshark (.pcap files), but I am unable to view the content because it is encoded with gzip. Can anyone please suggest tools or techniques to decode those packets to view the content?

--
Regards
Vivek Singh

utsav mittal

Apr 17, 2012, 8:21:24 PM
to null-...@googlegroups.com
Assuming that you have the full file captured in the traffic.

First, you need to extract the gzip file from the packet streams.

Then you can simply unzip the file.

Thanks

-Sent from my iPhone


Xy1ys 0101

Apr 18, 2012, 1:13:06 AM
to null-...@googlegroups.com
Check that your copy of Wireshark is compiled with zlib (libz) using wireshark -v.

Check the attachment where wireshark is decoding gzip content.

- Xy1ys




--
Get ready to Goa - nullcon Security Conference
http://nullcon.net
null - Spreading the right Information
null Mailing list charter: http://null.co.in/section/about/null_list_charter/

test.png

rajesh rock

Apr 18, 2012, 2:59:13 AM
to null-...@googlegroups.com
For gzip in Linux, you can extract the file using this command: tar
-xvzf filename.tar.gz and the file will be extracted.
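
The steps discussed in this thread (pull the HTTP body out of the captured stream, undo the chunked transfer encoding, then gunzip), as an added example that is not part of any post above. It assumes the input is the raw bytes of a single HTTP response saved from the capture; the function names and the sample response are constructed for the example.

```python
import gzip
import zlib

def dechunk(body: bytes) -> bytes:
    """Reassemble a Transfer-Encoding: chunked body."""
    out, pos = bytearray(), 0
    while True:
        eol = body.find(b"\r\n", pos)
        if eol < 0:
            raise ValueError("truncated chunk header")
        # Chunk size is hex; anything after ';' is a chunk extension.
        size = int(body[pos:eol].split(b";", 1)[0].strip(), 16)
        if size == 0:            # last-chunk marker; trailers are ignored
            return bytes(out)
        start = eol + 2
        chunk = body[start:start + size]
        if len(chunk) != size:
            raise ValueError("capture ends mid-chunk")
        out += chunk
        pos = start + size + 2   # skip the CRLF that closes the chunk

def decode_http_response(raw: bytes) -> bytes:
    """Return the decoded body of one raw HTTP response."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no header/body separator found")
    headers = {}
    for line in head.split(b"\r\n")[1:]:   # skip the status line
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip().lower()
    if b"chunked" in headers.get(b"transfer-encoding", b""):
        body = dechunk(body)               # transfer coding comes off first
    elif b"content-length" in headers:
        body = body[:int(headers[b"content-length"])]
    if b"gzip" in headers.get(b"content-encoding", b""):
        # 16 + MAX_WBITS tells zlib to expect a gzip header and trailer.
        body = zlib.decompressobj(16 + zlib.MAX_WBITS).decompress(body)
    return body

def build_sample() -> bytes:
    """Constructed sample: a gzip body split into 10-byte chunks."""
    gz = gzip.compress(b"<html>hello from a captured response</html>")
    chunks = b"".join(b"%x\r\n%s\r\n" % (len(gz[i:i + 10]), gz[i:i + 10])
                      for i in range(0, len(gz), 10))
    return (b"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\n"
            b"Transfer-Encoding: chunked\r\n\r\n" + chunks + b"0\r\n\r\n")

if __name__ == "__main__":
    print(decode_http_response(build_sample()).decode())
```

Running gunzip directly on a chunked body fails because the chunk-size lines are interleaved with the compressed data, which is why the chunks are reassembled first.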