Decrypting wireshark data

[Zilla707]

Is there a way to decrypt data that has been captured by wireshark into something a bit more readable? To install it and run it: [sudo apt-get install wireshark] then [sudo wireshark] (I found that starting it with superuser permissions works better). Then hit the start capturing button in the top-left. When done, hit the square button and the save with ctrl-s, but then I can't figure out what do do with the captured data in file form. Any help with this?

[trejan]

They're not encrypted.

Load it back into Wireshark or use the command line version called tshark.

If you want to process the data yourself then you can use libpcap if it is the older pcap files or read https://wiki.wireshark.org/Development/PcapNg if you've got the new pcapng files. Newer versions of libpcap can read pcapng as well.

[dorian-ny]

You might get more help if you say what exactly are you looking for in the data

[Zilla707]

Ah. Sorry. What I am trying to do, is once I capture a packet that has been sent from some other device, like a text message, get that data into what the devices that is receiving gets to see. Of course, since there are a ton of different package types, this might just not work. Please tell me if that's the case.

[dorian-ny]

That data is most certainly encrypted. In-fact even most useless web-traffic is encrypted nowadays.
Sorry but if you want to spy on your sister you will have to do it the old fashioned way and read her diary