Answer the question
In order to leave comments, you need to log in
How to decrypt ssl in wireshark?
Good evening everyone. The following question arose, how to decrypt ssl traffic in Wireshark. Before that, I decrypted it as described here: https://habrahabr.ru/post/253521/ . But now you need to decrypt the traffic from the application on the computer, this will not work here. Therefore, the question is how to decrypt ssl from the application? You need at least client traffic (that is, me) that is transmitted from me, in the method described above, it is. Can it be decrypted using other programs? Or in some other way. Google didn't help. I'm waiting for your ideas. Thanks in advance)
Answer the question
In order to leave comments, you need to log in
if you sniff yourself or your devices, sign a certificate, install on devices, then in the shark there is a fad in the menu to decrypt a package based on keys, roughly speaking a handshake, it has been written about this on Habré many times, look at the article where poker room traffic is intercepted
A easy hack of course, as suggested above - fiddler, and in the https settings, tick the decrypt, add the certificate to the trusted ones, and from the device on which you are sniffing, you stomp with fiddler enabled ipv4.fiddler:8888 (the default port, if you change it, you specify the one that is in the role of debug proxy) and on this page you will delete the certificate. Next, perform the required task
Если же с компа снифвешь, там через winnt ставится прокси, ну подробнее можешь в faq на сайте почитать, если нужно приложение отснифать которое не поддерживает установку прокси, любым софтом можно завернуть траф в твой дебаг прокси = профит
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question