TLS log file encryption with WireShark is not working properly
Hello,
I am currently studying IT and I have to do a TLS encryption with WireShark. The task is to start google chrome with a ssl log file, then visit a website and sign up using my username and password. Then I am supposed to analyze the HTTP packets and find the packet with my username and password. I did start chrome with a log file, set the log file in WireShark and signed up on a website, but WireShark doesn't show me a signle HTTP packet. Does anyone know why it doesn't and what I can do to make it work?
The TLS wiki page has an example capture and pre-master file.
(nice reference for pre-master file: NSS Key Log Format )
I guess you want Wireshark to DECRYPT things.
WireShark doesn't show me a signle HTTP packet
I guess your first problem is capturing traffic correctly before you even attempt to deal with the cryptographic transformations. Maybe this link could help:
https://wiki.wireshark.org/CaptureSetup/
You have to capture the correct way: on the correct interface that the traffic will transit and have suitable permissions to do so. You also need the correct filters to look for the traffic you want.