Ask Your Question
0

How to get a web address through a packet

asked 2018-07-22 15:25:19 +0000

Please tell me how to decrypt google search because everybody connected to my wifi uses google chrome.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-07-22 21:06:55 +0000

Guy Harris gravatar image

If the search is done over HTTP, without TLS, there's probably nothing to decrypt; you just get the URL they sent, from which, with a little work, you can determine what's being searched for. For example, if you do a search for

breaking tls

the URL will be something such as https://www.google.com/search?q=break..., and if you do a search for

"breaking tls"

the URL will be something such as https://www.google.com/search?q=%22br....

If the search is done over HTTP-over-TLS, which it probably will be, then it's not "decrypting Google search", it's "decrypting SSL/TLS" (which is used by more browsers than just Google Chrome - it was invented before Google Chrome even existed!), and the Wireshark support for that is described on the SSL page in the Wireshark Wiki. That requires that you supply some additional information, which might be possible to get in order to decrypt SSL/TLS sessions from a machine you control, but will probably be very difficult if not impossible to get for SSL/TLS sessions from a machine that you don't control.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2018-07-22 15:25:19 +0000

Seen: 419 times

Last updated: Jul 22 '18