I am using Wireshark to analyse services that use XML-RPC calls to
communicate. Currently the protocol gets dissected as XML which is
fine because it is XML. However the result has lots of bloat that
makes it hard for me to analyse the protocol built on top of XML-RPC.
Can I somehow write a dissector (?) that analyses only the interesting
parts of the protocol, and shows its results "on top" of the more
generix XML-RPC dissection, as an alternative way of interpreting the
same data. Note that being able to add detail into the atomic parts of
dissected XML-RPC does not help, as it is the verboseness of XML-RPC
that gets in the way.
happy hacking, --Toni
