Closed KraskoVladimir closed 1 year ago
Hi,
Your screenshot shows that the message payload could be decrypted. There are two requirements for decryption:
Yes, when we recorder traffic once again, this time capture contained the login request and response and we got a better and more descriptive wireshark capture. Thanks!
Hi. My goal is to capture Babyware - IP150 communication, so I found your tool with whose help I wanted to decrypt my payloads. While installing, I didn't use these steps: https://github.com/deonvdw/paradoxip-dissector#building Instead, I installed Wireshark version 3.4.2. and I only copied paradoxip.dll into plugins\3.4\epan folder: https://github.com/deonvdw/paradoxip-dissector/releases/tag/0.1.0 I was hoping that I will receive similar output as yours:![screenshot](https://user-images.githubusercontent.com/34869558/187450893-4af0e40b-027b-4ac3-a9f9-2a3221d97962.jpg)
but I got the following:
in the most right column Info you have Serial -> (or <-) and more text, I have only Serial -> (or <-), without additional text![paradox ip 1](https://user-images.githubusercontent.com/34869558/187451902-a16fb2dc-f312-48a5-87c2-8e91f6367114.png)
In your screenshot example you have "Paradox Alarm IP message" and "Paradox alarm serial message" sections. I only have "Paradox Alarm IP message". Inside that section in your example there are Header, Command and Payload bytes subsections. In my response, instead Payload bytes I have Encrypted payload bytes, with warning "cannot decrypt payload data":![paradox ip 2](https://user-images.githubusercontent.com/34869558/187454196-e4879e0c-0df9-4882-ad93-b71aac45ca10.png)
Am I doing something wrong? How can I resolve these issues and got properly decrypted payloads? Thanks in advance! All the best!