How to get a web address through a packet
Please tell me how to decrypt google search because everybody connected to my wifi uses google chrome.
Please tell me how to decrypt google search because everybody connected to my wifi uses google chrome.
If the search is done over HTTP, without TLS, there's probably nothing to decrypt; you just get the URL they sent, from which, with a little work, you can determine what's being searched for. For example, if you do a search for
breaking tls
the URL will be something such as https://www.google.com/search?q=break..., and if you do a search for
"breaking tls"
the URL will be something such as https://www.google.com/search?q=%22br....
If the search is done over HTTP-over-TLS, which it probably will be, then it's not "decrypting Google search", it's "decrypting SSL/TLS" (which is used by more browsers than just Google Chrome - it was invented before Google Chrome even existed!), and the Wireshark support for that is described on the SSL page in the Wireshark Wiki. That requires that you supply some additional information, which might be possible to get in order to decrypt SSL/TLS sessions from a machine you control, but will probably be very difficult if not impossible to get for SSL/TLS sessions from a machine that you don't control.
Please start posting anonymously - your entry will be published after you log in or create a new account.
Asked: 2018-07-22 15:25:19 +0000
Seen: 419 times
Last updated: Jul 22 '18
Decrypt SSL TN3270 (telnet) traffic?
Unable to decrypt HTTPS TLSv1.2 traffic with wireshark (sha1WithRSAEncryption)
tshark capture filter with live ssl decryption
Export decrypted ESP traffic to cap/pcap file
MDaemon Windows Server SSL Certificates
Cannot decrypt POST requests in monitor mode [closed]
how to setup wireshark to decrypt TLS SIP