This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

No Decryption of Instagram

0

I'm running Wireshark v2.2.0 in a Kali Linux VM. I have the SSLKEYLOGFILE environment variable set, so that SSL keys will be saved and Wireshark pointed to that file. I've got Chrome v55.0 installed in Kali also. This setup works and I'm able to capture sessions from SSL websites, store the SSL keys, view the decrypted packets and export HTTP objects. However, when I try this on Instagram the decryption fails. Everything seems to be working the same, i.e., SSL keys are being stored to the log file and the packets are being captured. But it doesn't show the "decrypted" tab for the packets and on the the export HTTP objects window, no objects are shown. Anyone got an idea how I can decrypt this session?

Thanks.

asked 28 Dec '16, 11:33

who_me's gravatar image

who_me
6113
accept rate: 0%


One Answer:

1

For SSL/TLS decryption, ensure that the full handshake is captured (clear browser cache).

For Export HTTP Objects, note that this is currently not supported for HTTP/2 (which is what Instagram seems to use).

answered 31 Dec '16, 06:10

Lekensteyn's gravatar image

Lekensteyn
2.2k3724
accept rate: 30%

This fixed the SSL problem. Thanks!

(31 Dec '16, 08:23) who_me

Since the answer appears to have answered your question please be sure to Accept it (by checking on the checkmark next to it). See the FAQ.

(03 Jan '17, 14:50) JeffMorriss ♦