Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: Problem with reading packets in LLC protocol encryption / encoding SANS ISC InfoSec Forums

Special Webcast: What you need to know about the crypt32.dll vulnerability. Register Now

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Problem with reading packets in LLC protocol encryption / encoding
Hi,

Im using an IP based messaging app called netcat on linux terminal. I can send messages directly to a computers IP and receive back in a way its not encrypted, as shown below:
https://s24.postimg.org/75dld4rol/packet_149.jpg

but when Im sniffing the packets from a third computer ( on my own WLAN ) im getting them in LLC protocol instead of TCP and I cant see the data (I think its encrypted or scrambled ) as shown below:
https://s24.postimg.org/6rc9dj7l1/all_packets.jpg
https://s28.postimg.org/nzqlo28f1/withoutarp.jpg

Any idea whats the problem? or how can I extract the data? I tried ASCII, UNICODE and Hex translation to string nothing worked.

Here is the Hex pcap file for wireshark on GoogleDrive, I hope someone could help me with this issue.
https://drive.google.com/open?id=0B4dE5ujOQI6RdENRclc0TDhlNzA
Anonymous

Sign Up for Free or Log In to start participating in the conversation!