This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Decrypting website accessed through internet explorer

0

First of all apologies if the following question is unclear as I am unfamiliar with network security.

I can view tabular data on a website after logging into my account. The website has TLS encryption and can only be accessed using Internet Explorer.

I need to set up Wireshark to decrypt the data and write into a text file. I need the data to perform some analysis. Found some material to log ssl session key but the method only works with Chrome and Firefox.

Not sure where to start. Can someone point me in the right direction?

I'm also open to hiring a consultant to help me with this. Again can someone point me where to look for such consultants?

Thank you.

asked 30 May '17, 06:37

benctr's gravatar image

benctr
6112
accept rate: 0%


One Answer:

0

Use Fiddler, it can work with any browser.

answered 30 May '17, 07:10

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

Thanks grahamb. Is WireShark out of the question because the website must be accessed using Internet Explorer?

(31 May '17, 07:22) benctr

Yep, unless someone else knows how to get keying material out of IE.

(31 May '17, 07:31) grahamb ♦

Oooh, access to SChannel secrets. Obviously requires elevated privs, but given that I think something could be done at run-time to give a Wireshark plugin access to the keys.

(04 Jun '17, 12:00) grahamb ♦