Wireshark
the world's foremost network protocol analyzer
Wireshark-users: Re: [Wireshark-users] how to decrypt TLSv1 traffic
From: "Nik Kolev" <nkolev@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 10 Jun 2008 12:39:37 -0400
> On Mon, Jun 09, 2008 at 04:23:49PM -0400, Nik Kolev wrote: > > > > I saw a blog post somewhere discussing that you can "pass" the path to > > the file which stores the negotiated encryption key to wireshark and > > (given that wireshark has been linked against a given library) get the > > encrypted payload decrypted. I don't know if this applies to my scenario > > (not sure whether IE writes the key to the file system,...)... > > With most ciphers (including the one that was chosen in the > displayed server-hello), wireshark can do the decryption when it > you supply the private key of the server (see the ssl protocol > preferences). [Nik Kolev] Aaaaaaa, I misread the post - thought that you can supply the negotiated for the particular session key. But private key would work as well - assuming the IT police at my company will hand it to me... Thanks for clarifying things, -nik
- References:
- [Wireshark-users] how to decrypt TLSv1 traffic
- From: Nik Kolev
- Re: [Wireshark-users] how to decrypt TLSv1 traffic
- From: Sake Blok
- [Wireshark-users] how to decrypt TLSv1 traffic
- Prev by Date: Re: [Wireshark-users] What is a good average for malformed packets
- Next by Date: Re: [Wireshark-users] Removing Source/Destination Columns from packet summary pane
- Previous by thread: Re: [Wireshark-users] how to decrypt TLSv1 traffic
- Next by thread: Re: [Wireshark-users] how to decrypt TLSv1 traffic
- Index(es):