Decrypting SSL using Wireshark on Linux vs Windows

In Wireshark (Ubuntu 14.04) you can Right Click the SSL stream, and go to:

Protocol Preferences > Secure Sockets Layer Preferences

Here you can add RSA Key lists where you can enter the password of the private key used to protect the communications. You can also enter a Pre-shared Key or a Pre-Master Secret log file (which I believe is what you have).

Here's a tutorial on how to decrypt SSL traffic with Wireshark in Linux.

As an alternative I would look into using a proxy like Charles to act as a man in the middle to view SSL traffic between websites. It makes it very easy to see the decrypted traffic, and you can have multiple sessions going at once. This is ideal in a closed off network since you'll have to install their CA into your trusted store.

But this is a great way for debugging/viewing secure web traffic.

Tags:

Windows

Linux

Wireshark

Decryption

Tls

Related

HOW is the malicious URL/payload is delivered to the user on a DOM based XSS attack? Why do email programs block xml files? Is adding a supplementary credit transaction something that could improve online payment security? Is it possible for a vulnerability in one application to be exploited to attack another application on the same server? Is using bcrypt on existing SHA1 hashes good enough when switching password implementation? Password manager in not own device Password Policy: Issue random generated passwords / Let the user choose a password I forgot to shred a file before deleting it (on Windows). How do I shred that part of file system now where the file was located? GnuPG decryption not asking for passphrase What is the difference between the "sig" files and the checksum files, such as on the PuTTY download page? How can I reprogram a usb as a keyboard Strange Payment Gateway

Recent Posts