Wednesday, September 2, 2009

Decrypting HTTPS

Had a need to inspect HTTPS to scrutinise application data. Installed ssldump and fired it up.

commandrine@bridge:~$ ssldump -r https.pcap -k server.key -d host 10.10.10.13 > appdata.txt
Enter PEM pass phrase:
commandrine@bridge:~$


Pretty cool stuff. You need the server's private key before you can view session data associated with the said key.

No comments:

Post a Comment