decrypting ssl traffic
Hi all,
I have been given 2 tasks using wireshark, and being a new user of the software, i am a tiny bit stumped about it.
The explanation of what we were meant to do is as follows:
"Use the files located in LabFiles/Wireshark-TLS
Decrypt SSL traffic in the Wireshark interface
Identify the online service that was used to exfiltrate stolen data
Identify the flag in the POSTed data."
Our questions to do the task are the following:
1) "What domain was used to exfiltrate the data?"
2) "What is the Flag?"
3) "What is the unique ID that was assigned to the submitted data?"
As this is a homework question we can't simply give you the answers, what have you tried?
I have tried to navigate wireshark and look online for solutions, to no avail. I thought a forum would be my next best bet. A-Levels they said, it will be fun they said. @grahamb
Presumably there was some intro to the subject in the class, have you reviewed that?
I was absent, and upon reviewing the notes and resources it still does not make sense. I emailed my teacher but she has not replied and I do not think I will be back in school for at least another 2 weeks. Do you perhaps know how to do it?
Its not for class I know what it's for. They are looking for people who can get a lot of information and learn very quickly with that information... All of the information on what to do is on their website or on google you don't need to ask these questions when the information is already there....