How to Decrypt SSL Traffic on Your PC with Wireshark
Wireshark has an awesome feature: decryption of traffic over your selected network card…
What do you need?
- Wireshark: download it (https://www.wireshark.org/download.html)
- SSL private key (in a later section)
- A network card (Caution: if you don't have one, don't try this, risk of loss of life :P)
Here I will use Kali Linux for the whole session; you can use a different one according to your expertise.
Step-1 Start monitor mode
Set your network card to monitor mode using the following command
Here I used my wireless card; you can use a different one, selected from those listed in the ifconfig result.
Step-2 Get private key from OpenSSL
Use the following command to get it
Now this will save two files in your home directory
- testkey.pem (private key file)
- testcert.pem (containing a self-signed certificate)
You need to use the same key on your server.
Step-3 Set up Wireshark
Now run Wireshark from your terminal by typing this command
Now go to Preferences in the Edit menu, then go to Protocols on the left side, then the SSL protocol, and fill in the details:
- IP: IP of the server
- Port: 443
- Protocol: HTTP
- Key file: select the file from your home directory
- Password: if any
Now you will get decrypted results for any SSL or TLS protocols.
You can filter for HTTP or SSL.
Thank you 🙂
If this was helpful, show your support by commenting and sharing with others.