Jump to content

decoding snomeOne pcap captured SIP traffic ?


xinity
 Share

Recommended Posts

hy,

i've tried to decrypt a pcap file generated from our snomOne IPBX, at first all i can see is UDP traffic in the capture, no SIP traffic.
so i tried to use this tutorial to decrypt SIP-TLS data : http://wiki.snom.com/FAQ/How_to_decode_TLS_calls_using_wireshark

but i doesn't work either, it talk about the server private key, which i don't know where to find ...

have i missed something ?

how can we capture and analyze sip traffic captured from our snomONE IPBX ?

Thanks for your help,

Regards,

Xinity

Link to comment
Share on other sites

If you are using version 5.1.3 or higher, the PCAP are already decoded. If you are looking at raw PCAP directly from the interface (either on the phone through the web interface or on the PBX), well it will be hard to crack the decryption hopefully. I think Wireshark has a way to decrypt SSL traffic, but I have never done that before and it sounds like a lot of work. Using the 5.1.3 PCAP on the PBX is a lot easier.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...