How to get a web address through a packet
Please tell me how to decrypt google search because everybody connected to my wifi uses google chrome.
add a comment
If the search is done over HTTP, without TLS, there's probably nothing to decrypt; you just get the URL they sent, from which, with a little work, you can determine what's being searched for. For example, if you do a search for
breaking tls
the URL will be something such as https://www.google.com/search?q=break..., and if you do a search for
"breaking tls"
the URL will be something such as https://www.google.com/search?q=%22br....
If the search is done over HTTP-over-TLS, which it probably will be, then it's not "decrypting Google search", it's "decrypting SSL/TLS" (which is used by more browsers than just Google Chrome - it was invented before Google Chrome even existed!), and the Wireshark support for that is described on the SSL page in the Wireshark Wiki. That requires that you supply some additional information, which might be possible to get in order to decrypt SSL/TLS sessions from a machine you control, but will probably be very difficult if not impossible to get for SSL/TLS sessions from a machine that you don't control.
Asked: 2018-07-22 15:25:19 +0000
Seen: 411 times
Last updated: Jul 22 '18