Ask Your Question
0

Assistance Required for Decrypting HTTPS Packets with SSLKEYLOGFILE

asked 2024-08-22 11:42:17 +0000

Hello everyone,

I'm attempting to decrypt HTTPS packets and understand that I may need a master key file for this purpose. I tried using the following command to generate the key log file: set SSLKEYLOGFILE=C:\keylogfile.txt start chrome However, I couldn't locate the keylogfile.txt file afterward. I've tried multiple times but without success. Could someone please guide me on where I might be going wrong or how I can obtain this key log file? Any suggestions or advice would be greatly appreciated. Thank you in advance!

edit retag flag offensive close merge delete

Comments

You have to check ALL Chrome instances have been stopped, does the wiki page on TLS decryption help? The suggested .cmd file might help.

grahamb gravatar imagegrahamb ( 2024-08-22 13:13:45 +0000 )edit

If running 4.2.0 or newer you can use
Tools-> TLS Keylog Launcher

There is a discussion in 19471: Suggested improvements for the “TLS Keylog Launcher” feature.

Chuckc gravatar imageChuckc ( 2024-08-22 13:50:30 +0000 )edit

c:\ might be protected by windows. Try a subdir such as c:\abc\sslkey.txt. Remember to create the dir c:\abc first.

rolandwu777 gravatar imagerolandwu777 ( 2024-08-25 16:41:24 +0000 )edit

1 Answer

Sort by » oldest newest most voted
0

answered 2024-08-25 18:59:24 +0000

rolandwu777 gravatar image

updated 2024-08-25 19:02:20 +0000

set SSLKEYLOGFILE=C:\keylogfile.txt in command line and start chrome may not work.

You need to go to Windows' "Enviroment Variables" Dailog box and add SSLKEYLOGFILE value c:\abc\sslkey.txt in "System variables"

Press Win + R, type sysdm.cpl, and hit Enter. Go to the Advanced tab and click Environment Variables. Under "System variables," click New. Enter SSLKEYLOGFILE as the variable name and C:\abc\sslkey.txt as the value. Click OK to save and exit all dialogs.

Then you can close all chrome and re-launch them. Check if you see sslkey.txt is updating. You will need to remove or rename that SSLKEYLOGFILE entry to disable this.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2024-08-22 11:42:17 +0000

Seen: 109 times

Last updated: Aug 25