This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi everyone.

I'm trying to write a program that interfaces to XYZ service's servers. (basically their software is quite buggy and non-optimized so I want to make a client that offers some limited functionality without said bugs etc)

The login uses TLSv1 and respectively, I know some of the data that is getting sent (my username and password for example).

It there anyway to 'decrypt' your own packets? As I need the 'structure' of the 'login process' for my application to mimic it... And the original data and key to encrypt it is coming from my end anyway - so would this be possible?

Any help it greatly appreciated Kind regards, Luke

asked 25 Jul '11, 13:32

lukus001's gravatar image

lukus001
6224
accept rate: 0%


To be able to decrypt SSL/TLS traffic with Wireshark, you need to have the server private key or have an export of the (pre-)master secret (which can be done with a self-compiled version of Chrome or Firefox with some debug options turned on or by using the openssl s_client). It sounds like those might not an option in your setup.

If you are able to use firefox to access their site, then the easiest way to decrypt the traffic (if it is https) is to use the httpfox add-on, this will give you all the decrypted http traffic.

If that's not possible, you might be able to do a man-in-the-middle with Fiddler.

permanent link

answered 25 Jul '11, 16:57

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

Thanks for your reply SYNbit.

Their client is actually made in adobe air or more specifically; the login is handled with adobe flash. Looking at fiddler now, hopefully that will work :)

I believe flash uses TLS built in from windows (in this instance at least, because disabling it in internet options makes their login fail /give errors). Unfortunately their flash file does not load in a browser, so I don't know how it getting treated.

Anyway, thanks again for taking the time to help out.

(26 Jul '11, 08:28) lukus001
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×165
×23

question asked: 25 Jul '11, 13:32

question was seen: 4,463 times

last updated: 26 Jul '11, 08:28

p​o​w​e​r​e​d by O​S​Q​A