Decrypting HTTPS
Had a need to inspect HTTPS to scrutinise application data. Installed ssldump and fired it up.
commandrine@bridge:~$ ssldump -r https.pcap -k server.key -d host 10.10.10.13 > appdata.txt
Enter PEM pass phrase:
commandrine@bridge:~$
Pretty cool stuff. You need the server's private key before you can view session data associated with the said key.
commandrine@bridge:~$ ssldump -r https.pcap -k server.key -d host 10.10.10.13 > appdata.txt
Enter PEM pass phrase:
commandrine@bridge:~$
Pretty cool stuff. You need the server's private key before you can view session data associated with the said key.
Comments
Post a Comment