First of all apologies if the following question is unclear as I am unfamiliar with network security. I can view tabular data on a website after logging into my account. The website has TLS encryption and can only be accessed using Internet Explorer. I need to set up Wireshark to decrypt the data and write into a text file. I need the data to perform some analysis. Found some material to log ssl session key but the method only works with Chrome and Firefox. Not sure where to start. Can someone point me in the right direction? I'm also open to hiring a consultant to help me with this. Again can someone point me where to look for such consultants? Thank you. asked 30 May '17, 06:37 benctr |
One Answer:
Use Fiddler, it can work with any browser. answered 30 May '17, 07:10 grahamb ♦ |
Thanks grahamb. Is WireShark out of the question because the website must be accessed using Internet Explorer?
Yep, unless someone else knows how to get keying material out of IE.
It can be done, but it is not easy: https://www.blackhat.com/docs/us-16/materials/us-16-Kambic-Cunning-With-CNG-Soliciting-Secrets-From-SChannel.pdf
Oooh, access to SChannel secrets. Obviously requires elevated privs, but given that I think something could be done at run-time to give a Wireshark plugin access to the keys.