If your application is using well-known protocols such as HTTP or SQL, you will find that your protocol analyzer will decode the commands for you and will make life a lot easier.
And if you’re unlucky, that pattern might be in hex or binary, but you should always try to find out if there is a pattern within your application. If you’re lucky you will see a pattern if you’re very lucky that pattern will be in clear text. For example logging in, printing, or querying from your application of choice.
It’s critical that you pay attention to what you were doing when you captured those packets.
To find an application signature using Wireshark, capture packets from your application and look either in the detail pane or in the bytes pane for a pattern.
0 kommentar(er)
