I'm currently working on a penetration test about DTLS-SRTP strengths and weaknesses. But I'm stuck on an eavesdropping test using Wireshark.
Yes, it's protected by SRTP, but:
- What's DTLS actually doing/working on the media channel?
- What are other attack methods (apart from the eavesdropping) that can be tested on such a secured channel (to prove it works, or alternatively to prove it still has flaws)?
Specifically I'm doing it in WebRTC communications, and I'm ignoring other location's security aspects, except in the media transfer channel.