I also tried the same, and although wireshark labeled these data as
"encrypted application data", the text next to hex data in bottom window
contained unencrypted data. There were something added in the end, though.
(negotiated ciphersuite were NULL-SHA).
> 2) Getting back to the client & server programs supplied along with the openssl package. When eNULL was configured as mentioned above, ran the wireshark
> packet capture utility.
> typed " hello world" at the server and the "hello world" was reflected in the client.
>
> Was expecting "hello world" to be seen in clear text because NULL encryption is used.
> But in wireshark i could not see anything in clear text .. Atleast i could not see "hello world" in the application data section of wireshark.
> Rightly application data was after the client hello exchange messages sent by the ssl protocol.
>
> wondering why clear text message was not seen .... does any form of encoding is used by the client & server.??
