My $0.02: > this could lead companies... to deny the use of the program, due to wrongly identifying Wireshark as a hacking tool.
Wireshark is already a "hacker tool" de facto, regardless of the fact that it performs passive network analysis. The first two results for "hacker tools" on Google list Wireshark as a key tool. If we are worried about password extraction, this is already possible with Wireshark for plaintext FTP passwords. I do not think that individuals making this decision will change their mind based on this feature alone. So far, no individuals have come forward stating that this will negatively affect them (i.e. if you one of these people, please speak up!) On Sat, Jun 15, 2019 at 9:57 AM Tomasz Moń <deso...@gmail.com> wrote: > On Fri, Jun 14, 2019 at 10:27 PM Roland Knall <rkn...@gmail.com> wrote: > > There is a patch currently waiting for inclusion. It would allow for > dissectors to easily make credentials (username/password) available and > present them in a tool window in Wireshark. > > I understand that you mean, that it'd be easy to present the > credentials if the dissector is able to extract/derive the password. > If the protocol is cryptographically secure, then without keys, the > change in question won't have any impact, right? > > In other words, it is not about integrating some password cracking > mechanism but rather API to simply present the decoded information? > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: https://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
