I want to decode the traffic between a desktop application (on my desktop) and a server out over the Internet. This is HTTPS traffic, but not from a web browser. There is no pre-shared key or such, but it is traffic on my machine so I don't think it's unreasonable to be able to decode this stream to see what information is being sent. Is there some way to do this? I have concerns over the data being uploaded and separately want to analyze the communications because it's somewhat slow.

asked 17 Sep '12, 08:35 klamerus
One Answer:
You need either of the following to decrypt SSL traffic:
So, what can you do? Use a local SSL proxy that is able to intercept SSL connections, like Fiddler2.
See also my answer in a similar question.
Regards

answered 17 Sep '12, 12:30 Kurt Knochner ♦
My understanding is that Fiddler only works with web browsers and this is not a web application (or at least it's not a browser-based client). Can Fiddler capture non-browser traffic?
Can you set a proxy in that application? If so, chances are good that you can use Fiddler.
And if you can't set a proxy in the application and it does not use the system's proxy if one is configured, then you can use a Backtrack DVD and run:
This setup will present a new dynamically generated certificate, signed by a CA created by sslsniff. You might need to import that CA certificate in Windows or the application.
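
The trust relationship described in the last comment (a per-host certificate signed by the proxy's own CA, accepted by the client only once that CA is trusted), as an added example that is not part of the original thread and is not sslsniff's or Fiddler's own code. The CA names and the host `app.example.test` are constructed, and the `openssl` command-line tool is assumed to be installed.

```shell
# Constructed lab demo: every name here (demo-*, app.example.test) is made up.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT            # throw-away keys, removed on exit
cat > "$WORK/req.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF

# make_ca NAME: self-signed CA, like the one an intercepting proxy creates for itself.
make_ca() {
    openssl req -x509 -config "$WORK/req.cnf" -subj "/CN=$1" -days 1 \
        -newkey rsa:2048 -nodes -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# make_leaf HOST CA: certificate generated for the requested host, signed by CA.
make_leaf() {
    printf 'subjectAltName=DNS:%s\n' "$1" > "$WORK/san.ext"
    openssl req -new -config "$WORK/req.cnf" -subj "/CN=$1" -newkey rsa:2048 -nodes \
        -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$WORK/leaf.csr" -days 1 -extfile "$WORK/san.ext" \
        -CA "$WORK/$2.pem" -CAkey "$WORK/$2.key" -CAcreateserial \
        -out "$WORK/leaf.pem" 2>/dev/null
}

# client_trusts HOST CA: the client's check when CA is the root it was given to trust.
client_trusts() {
    openssl verify -no-CApath -CAfile "$WORK/$2.pem" -verify_hostname "$1" \
        "$WORK/leaf.pem" >/dev/null 2>&1
}

make_ca demo-intercept-ca        # the CA the proxy created
make_ca demo-existing-root       # stands in for roots the client already trusts
make_leaf app.example.test demo-intercept-ca

client_trusts app.example.test demo-existing-root \
    && echo "before import: accepted" || echo "before import: rejected"
client_trusts app.example.test demo-intercept-ca \
    && echo "after import: accepted" || echo "after import: rejected"
```

An application that pins its server certificate or ships its own trust store will keep rejecting the generated certificate even after the CA is imported into the operating system's store.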