How to decrypt SSL/TLS connections with wireshark

If you try to understand your SSL/TLS connections generated by your web browser like chrome, firefox or others, you must create a new variable in your .bashrc file as follows:

export SSLKEYLOGFILE="$HOME/sslkeylog.log"

To tells Wireshark where is this file, yo need specified the path in:

Edit / Preferences / Protocols / SSL / (Pre)-Master-Secret log filename.


Now, when you will call your browser from the terminal, it will generate sslkeylog.log with all private keys for each site, and wireshark would decrypt SSL/TLS traffic.
Here is an example:


Enjoy!

Comments

Popular posts from this blog

from: can't read /var/mail/ in Python scripts

How to fix Android when developer options are not available for this user

Fix "Set scan parameters failed: Input/output error" on Ubuntu 16.04