Wireshark
the world's foremost network protocol analyzer
Wireshark-users: Re: [Wireshark-users] wireshark ssl decryption for dummies
From: Andrew Schweitzer <a.schweitzer.grps@xxxxxxxxx>
Date: Tue, 12 Sep 2006 22:09:50 -0400
ronnie sahlberg wrote:
On 9/12/06, Andrew Schweitzer <a.schweitzer.grps@xxxxxxxxx> wrote:Hello, I'm trying to decrypt some SSL traffic. The connection initiator talk to port 37000. It talks a proprietary protocol (one not present in wireshark). I have the keys of the initiator and the listener. I am capturing on the listener. What should my RSA keys list be?
[snip]
try: 127.0.0.1,3700,data,e:\keys\server.key
That worked better. Wireshark now knows it's looking at SSL and parses the SSL header... but it doesn't seem to decrypt the data. Any suggestions on how to debug this?
log file says: ===Begin log file=== dissect_ssl3_record: content_type 23 association_find: port 1032 found 00000000 association_find: port 3700 found 0496FED0 ===End log file===
_______________________________________________ Wireshark-users mailing list Wireshark-users@xxxxxxxxxxxxx http://www.wireshark.org/mailman/listinfo/wireshark-users
- Follow-Ups:
- Re: [Wireshark-users] wireshark ssl decryption for dummies
- From: Andrew Schweitzer
- Re: [Wireshark-users] wireshark ssl decryption for dummies
- References:
- [Wireshark-users] wireshark ssl decryption for dummies
- From: Andrew Schweitzer
- Re: [Wireshark-users] wireshark ssl decryption for dummies
- From: ronnie sahlberg
- [Wireshark-users] wireshark ssl decryption for dummies
- Prev by Date: Re: [Wireshark-users] wireshark ssl decryption for dummies
- Next by Date: Re: [Wireshark-users] wireshark ssl decryption for dummies
- Previous by thread: Re: [Wireshark-users] wireshark ssl decryption for dummies
- Next by thread: Re: [Wireshark-users] wireshark ssl decryption for dummies
- Index(es):