How to capture HTTPS packets with Wireshark?

1. Why is the content of packets captured by Wireshark not displayed?

Wireshark is a packet capture tool that works at the network layer: it extracts content by capturing the TCP/IP packets exchanged by the two communicating parties. For application layer data, if the application layer protocol is public, the data can be displayed directly. With HTTPS, Wireshark does not know the keys used by the client and server, so the corresponding data is not visible. In other words, if Wireshark can obtain the key material, it can display the HTTPS communication data.

2. Use the Chrome browser to capture HTTPS:

1. Set the environment variable SSLKEYLOGFILE to C:\Users\Sun\sslkey.log

Note: This environment variable depends on your own computer configuration. Add it when you need it and remember to delete it when you are done, because it may cause an exception when other programs are running: OPENSSL_Uplink(XX...XX,08): no OPENSSL_Applink

2. Restart Google Chrome, and check whether the sslkey.log file is generated at the specified location.

3. Configure Wireshark

Configure Wireshark: Edit -> Preferences -> Protocols -> TLS, and set the (Pre)-Master-Secret log filename field to the path of the sslkey.log file.

4. Capture HTTPS packets

Use Google Chrome to visit an HTTPS website, or send a request from the browser console.

Remark:

1. Open the console (right-click on the browser page -> Inspect -> switch to the Console tab).

2. Enter the following code on the console

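// 'url地址' is a placeholder: replace it with the URL of the interface to request
fetch(new Request('url地址', { method: 'POST' }))
    .then((resp) => {
        // Print the Response object once the request completes
        console.log(resp)
    })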

Note: The URL address ('url地址' in the code) is the path of the interface that needs to be accessed. If you need to pass parameters, just add the request parameters to the URL (the same as with the GET method).

3. After completing the second step, press Enter. In the address request column, you will see the request information of the interface, and you're done!

[Screenshot: Wireshark display when the decryption fails]

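Be sure to delete the configured path when it is not in use: C:\Users\Sun\sslkey.log will continue to grow and affect other programs. The file also holds the session secrets of every TLS connection the browser logs, so anyone who can read it can decrypt a capture of that traffic.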
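
To check the sslkey.log file from step 2, or to find out why a capture stays encrypted, the following added example (not part of the original post) parses the NSS key log format that Chrome writes and reports whether secrets exist for the Random value of a ClientHello copied from Wireshark. The function names, result strings and sample data are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Labels of the NSS key log format that Chrome writes to SSLKEYLOGFILE.
TLS13_NEEDED = {"CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
                "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"}
KNOWN = TLS13_NEEDED | {"CLIENT_RANDOM", "EXPORTER_SECRET",
                        "CLIENT_EARLY_TRAFFIC_SECRET", "EARLY_EXPORTER_SECRET"}
# <label> <64 hex chars of the ClientHello Random> <secret as hex>
LINE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]{64}) ((?:[0-9a-fA-F]{2})+)$")

def parse_keylog(text):
    """Return ({client_random: set of labels}, [numbers of malformed lines])."""
    sessions, bad = defaultdict(set), []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):      # blank lines and comments
            continue
        m = LINE.match(line)
        # A TLS 1.2 master secret is always 48 bytes (96 hex characters).
        if (not m or m.group(1) not in KNOWN
                or (m.group(1) == "CLIENT_RANDOM" and len(m.group(3)) != 96)):
            bad.append(n)                         # e.g. a line cut off mid-write
            continue
        sessions[m.group(2).lower()].add(m.group(1))
    return dict(sessions), bad

def diagnose(sessions, client_random):
    """Classify one connection by the Random value of its ClientHello.

    "tls1.3-incomplete" means some of the four TLS 1.3 secrets are missing,
    so some records of that connection will stay encrypted.
    """
    labels = sessions.get(client_random.replace(":", "").lower())
    if labels is None:
        return "no-secrets"         # connection is not in this key log
    if "CLIENT_RANDOM" in labels:
        return "tls1.2-ok"
    return "tls1.3-ok" if TLS13_NEEDED <= labels else "tls1.3-incomplete"

# Constructed sample input, not real key material.
R12, R13, R_CUT = "11" * 32, "22" * 32, "33" * 32
SAMPLE = "\n".join(
    ["# constructed sample", f"CLIENT_RANDOM {R12} {'ab' * 48}"]
    + [f"{label} {R13} {'cd' * 32}" for label in sorted(TLS13_NEEDED)]
    + [f"CLIENT_HANDSHAKE_TRAFFIC_SECRET {R_CUT} {'ef' * 32}",
       f"SERVER_HANDSHAKE_TRAFFIC_SECRET {R_CUT} {'ef' * 16}e"])  # odd length: truncated

if __name__ == "__main__":
    sessions, bad = parse_keylog(SAMPLE)
    for rnd in (R12, R13, R_CUT, "44" * 32):
        print(rnd[:8], diagnose(sessions, rnd))
    print("malformed lines:", bad)
```

A "no-secrets" result for a connection usually means the browser was not restarted after SSLKEYLOGFILE was set, or the traffic came from a different program.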


Origin blog.csdn.net/qq_40267002/article/details/128644305