Showing posts from July, 2018

How to decrypt SSL/TLS connections with wireshark

If you try to understand your SSL/TLS connections generated by your web browser like chrome, firefox or others, you must create a new variable in your .bashrc file as follows:

export SSLKEYLOGFILE="$HOME/sslkeylog.log"

To tells Wireshark where is this file, yo need specified the path in:

Edit / Preferences / Protocols / SSL / (Pre)-Master-Secret log filename.

Now, when you will call your browser from the terminal, it will generate sslkeylog.log with all private keys for each site, and wireshark would decrypt SSL/TLS traffic. Here is an example: