0

I have capture the packet in android device by using tcpdump but the packet data is in encrypted format. how can i get decrypted data. I have found the packet data as...

packet data

actually i got got the more information in this format which in not human readable.

data image

Sher Ali
  • 5,513
  • 2
  • 27
  • 29
  • 2
    That's not encrypted - the packets begin with 0x45, which looks *very* much like the first byte of an IPv4 header with no options (the "4" is the IP version and the "5" is the header length in 32-bit words, so 20 bytes, which is the size of an IPv4 header with no options), and, in fact, tcpdump is printing them as two DNS queries with an ICMP Destination Unreachable message between them. So what leads you to think the packets are encrypted? –  Apr 15 '15 at 09:07
  • Hi, Guy Harris i have found the data in the above format in next pic which is not a human readable, how can i get the information from this data. – Sher Ali Apr 15 '15 at 09:58
  • 'Not human readable' != 'encrypted'. You need to have a look at the DNS and ICMP protocols. – user207421 Apr 15 '15 at 10:04
  • What's the entire printout for the packet in your second image (not the "oui Unknown" packet, the packet before that, as I assume that's the packet to which you're referring)? I.e., what are all the hex digits, and what was the packet line tcpdump printed before that? –  Apr 15 '15 at 16:39

0 Answers0