How to access new key files in the SSH preferences.

Hi all,

I would like to decrypt SSH using Wireshark. For this purpose, I want to add four new fields in the class packet-ssh.c in the function proto_register_ssh(void), using, for example, the function prefs_register_string_preference(). My question is: after the user has entered these keys in the new fields, pressed "Ok" and started the capturing of SSH packets, how can I get the entered values later on, for example in the ssh_dissect_ssh2() function in the packet-ssh.c class? Thanks a lot in advance!

JustPlayin
asked 2019-07-17 17:41:21 +0000

2 Answers

Looking at chapter 2.6 of README.dissector in the doc directory of your source tree, you'll see that the function prefs_register_string_preference() takes as the last parameter a char pointer pointer. This is where the entered preference ends up. Have a look at other dissectors which use this same function to see how that's used.

Jaap
answered 2019-07-17 18:40:30 +0000

Look at the User Preferences section (2.6) in README.dissector.

Basically when you register the preference you pass a pointer to a static variable in your dissector and this is updated with the new value.

grahamb
answered 2019-07-17 17:51:32 +0000
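
The mechanism both answers describe, as an added example that is not part of the original answers or of Wireshark's code: a self-contained model in which registration stores the address of a file-scope static and pressing OK writes through it, so any function in the file can read the value. All `demo_*` names, `pref_key_hex` and the hex key format are assumptions; in a real dissector the registration call is `prefs_register_string_preference()`, and only one of the four fields is modelled here.

```c
#include <ctype.h>
#include <string.h>

/* Stand-in registry (hypothetical names). It models what
 * prefs_register_string_preference() does with its last argument. */
static const char **demo_var;          /* address handed over at registration */
static void (*demo_apply_cb)(void);    /* called after the user presses OK */

void demo_register_string_pref(const char **var, void (*apply_cb)(void)) {
    demo_var = var;
    demo_apply_cb = apply_cb;
}

void demo_user_presses_ok(const char *entered) {
    *demo_var = entered;               /* the dissector's variable changes here */
    if (demo_apply_cb) demo_apply_cb();
}

/* Dissector side: file-scope statics, readable from any function in the file. */
static const char *pref_key_hex = "";  /* hypothetical preference variable */
static unsigned char key[32];
static size_t key_len;                 /* 0 means no usable key */

static int hexval(int c) {
    return isdigit(c) ? c - '0' : isxdigit(c) ? tolower(c) - 'a' + 10 : -1;
}

/* Validate and decode once per change, not once per packet. */
static void prefs_apply(void) {
    size_t n = strlen(pref_key_hex);
    key_len = 0;
    if (n == 0 || n % 2 != 0 || n / 2 > sizeof key) return;
    for (size_t i = 0; i < n; i += 2) {
        int hi = hexval((unsigned char)pref_key_hex[i]);
        int lo = hexval((unsigned char)pref_key_hex[i + 1]);
        if (hi < 0 || lo < 0) return;  /* reject, key_len stays 0 */
        key[i / 2] = (unsigned char)((hi << 4) | lo);
    }
    key_len = n / 2;
}

void demo_proto_register(void) { demo_register_string_pref(&pref_key_hex, prefs_apply); }

/* Stand-in for a dissect function: it only reads the statics. */
size_t demo_dissect_key_len(void) { return key_len; }
unsigned demo_dissect_key_byte(size_t i) { return i < key_len ? key[i] : 0; }

int main(void) {
    demo_proto_register();
    demo_user_presses_ok("00ff10");    /* constructed sample value */
    return demo_dissect_key_len() == 3 ? 0 : 1;
}
```

Treating an empty or malformed string as "no key" keeps the dissect path from acting on half-parsed key material.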