Using Wireshark with TLS1.2 connection
Posted: Tue Aug 02, 2022 9:47 am
Hey,
I'm currently working with a new provider and for some reason his DLR is all being received with a default Message-Id - "1111111111"
In the SubmitResponse the MessageId is fine.
example of DLR -
```
{"MessageId":"1111111111","Submitted":0,"Delivered":0,"SubmitDate":"2022-07-31T13:22:00","DoneDate":"2022-07-31T13:22:00","State":2,"ErrorCode":"000","Text":"null","Items":{"id":"1111111111","sub":"000","dlvrd":"000","submit
date":"2207311322","done
date":"2207311322","stat":"DELIVRD","err":"000","Text":"null"}}
```
After contacting the provider he says that the issue is with my serialization which is obviously done using InetLab.
In order to understand if the issue indeed is on my end, I want to capture the packet of the DLR using Wireshark, to assure that the MessageId is being serialized correctly.
Problem is that using a secured SMPP connection it seems like Wireshark doesn't even recognize it as an SMPP protocol, it simply says it's a raw TCP/IP protocol.
And the actual data is encrypted.
Is there a way for me to decrypt those packets manually? it seems like I can provide Wireshark with a Master-Secret file in order for it to decrypt the payloads, which Master-Secret does the connection use?
Thanks
I'm currently working with a new provider and for some reason his DLR is all being received with a default Message-Id - "1111111111"
In the SubmitResponse the MessageId is fine.
example of DLR -
```
{"MessageId":"1111111111","Submitted":0,"Delivered":0,"SubmitDate":"2022-07-31T13:22:00","DoneDate":"2022-07-31T13:22:00","State":2,"ErrorCode":"000","Text":"null","Items":{"id":"1111111111","sub":"000","dlvrd":"000","submit
date":"2207311322","done
date":"2207311322","stat":"DELIVRD","err":"000","Text":"null"}}
```
After contacting the provider he says that the issue is with my serialization which is obviously done using InetLab.
In order to understand if the issue indeed is on my end, I want to capture the packet of the DLR using Wireshark, to assure that the MessageId is being serialized correctly.
Problem is that using a secured SMPP connection it seems like Wireshark doesn't even recognize it as an SMPP protocol, it simply says it's a raw TCP/IP protocol.
And the actual data is encrypted.
Is there a way for me to decrypt those packets manually? it seems like I can provide Wireshark with a Master-Secret file in order for it to decrypt the payloads, which Master-Secret does the connection use?
Thanks