Wireshark mailing list archives
Re: Decrypting SSL with Wireshark
From: "Sake Blok" <sake () euronet nl>
Date: Mon, 18 Jan 2010 21:27:11 +0100
If there was, SSL would not do a good job being a secure protocol...
----- Original Message -----
From: sieger007 () gmail com
To: Community support list for Wireshark
Sent: Monday, January 18, 2010 9:11 PM
Subject: Re: [Wireshark-users] Decrypting SSL with Wireshark
Hi Adam
Thanks . Now is there a way to 'extract' a Pvt key from a cert file or that is confidential e.g. google, hotmail.
etc.Is there any OTHER viable solution to sniff SSL traffic without creating a fake certificate with warnings
Thanks
S
On Mon, Jan 18, 2010 at 10:59 AM, St. Onge,Adam <ASTONGE () travelers com> wrote:
The wiki has good coverage on this (http://wiki.wireshark.org/SSL) but not really applicable to Penetration testing
unless you have already compromised the web server and got the Private key.
----------------------------------------------------------------------------
From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of
sieger007 () gmail com
Sent: Monday, January 18, 2010 12:29 PM
To: wireshark-users () wireshark org
Subject: [Wireshark-users] Decrypting SSL with Wireshark
Hi Folks
I am interesting in using Wireshark for Penetration Testing work. SSL has always intrigued me. I heard it is poss
to decrypt traffic using WS.
Wireshark documentation. Has more stuff on it but it all sounds so Greeky. I can't follow squat of that .
Can SOMEONE PLEASE point to some video tutorial or gimme a plain and simple tutorial how this is done.
What'd be the success rate . Did anyone have luck doing this with some 9/10 success . Please help
Thanks
S
==============================================================================
This communication, including attachments, is confidential, may be subject to legal privileges, and is intended for the
sole use of the addressee. Any use, duplication, disclosure or dissemination of this communication, other than by the
addressee, is prohibited. If you have received this communication in error, please notify the sender immediately and
delete or destroy this communication and all copies.
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users () wireshark org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request () wireshark org?subject=unsubscribe
------------------------------------------------------------------------------
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users () wireshark org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request () wireshark org?subject=unsubscribe___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Decrypting SSL with Wireshark sieger007 () gmail com (Jan 18)
- Re: Decrypting SSL with Wireshark St. Onge,Adam (Jan 18)
- Re: Decrypting SSL with Wireshark sieger007 () gmail com (Jan 18)
- Re: Decrypting SSL with Wireshark Sake Blok (Jan 18)
- Re: Decrypting SSL with Wireshark sieger007 () gmail com (Jan 18)
- Re: Decrypting SSL with Wireshark Stephen Fisher (Jan 18)
- Re: Decrypting SSL with Wireshark sieger007 () gmail com (Jan 18)
- Re: Decrypting SSL with Wireshark St. Onge,Adam (Jan 18)