Currently I am learning about MitM and how to use it. Therefore I am doing some arp spoofing (just like in OTW's tutorial about a simple man in the middle attack) and I am using Wireshark to analyse the packages. This all worked fine so I decided I wanted to try to get myself inbetween a networkprinter and the router to capture documents that are being printed. I printed an example document with at the top stating Oefentoets(Dutch) and then one of my old chemistry tests on the rest of the page. However when analysing the captured packages I did find a tcp stream with Oefentoets at the top of it followed by something that looked like it could be my old test when looking at the size but than in a way different format or code. Probably it is compressed in some kind of way but I don't know how to convert it into text. I tried saving it as raw but then I could only open it with Notepad showing an even less understandable code.
I hope anyone can help me out :)
Printscreen of top of tcp stream:
Printscreen of tcp stream: