MWRMWR's profile - activity

2020-03-01 04:18:17 +0000 received badge  Famous Question (source)
2020-03-01 04:18:17 +0000 received badge  Notable Question (source)
2020-03-01 04:18:17 +0000 received badge  Popular Question (source)
2019-10-10 08:45:09 +0000 received badge  Rapid Responder
2019-10-10 08:45:09 +0000 answered a question How to extract certificate from SSL session setup trace

The Wireshark trace I was using was not recording the entire length of each packet, so Wireshark was not interpreting th

2019-10-10 08:40:50 +0000 marked best answer How to extract certificate from SSL session setup trace

Hi, I have been working with Wireshark for years, particularly as I use the Riverbed trace analysis programs daily. I found ways on the Internet to extract certificates from an SSL session trace. All the info I found seems to speak about fields I don't find in my version of WS (I tried 2.4.0 and 2.6.3). Expanding the SSL details on my trace shows:

Frame 3871: 1402 bytes on wire (11216 bits), 256 bytes captured (2048 bits)
Ethernet II, Src: Cisco_f3:00:11 (d4:2c:44:f3:00:11), Dst: HewlettP_6f:21:d0 (f4:39:09:6f:21:d0)
Internet Protocol Version 4, Src: xxx.xxx.xxx.xxx, Dst: xxx.xxx.xxx.xxx
Transmission Control Protocol, Src Port: 8080, Dst Port: 57248, Seq: 40, Ack: 752, Len: 1348
Hypertext Transfer Protocol 
Secure Sockets Layer
 TLSv1.3 Record Layer: Handshake Protocol: Server Hello
    Content Type: Handshake (22)
    Version: TLS 1.2 (0x0303)
    Length: 122
    Handshake Protocol: Server Hello
        Handshake Type: Server Hello (2)
        Length: 118
        Version: TLS 1.2 (0x0303)
        Random: 679cb032893ff093df50b2aad0ef633b8e1923abb79837f8...
        Session ID Length: 32
        Session ID: f8046d1805478fa3cc6658da57be9a03ba6807a79094af06...
        Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)
        Compression Method: null (0)
        Extensions Length: 46
        Extension: key_share (len=36)
        Extension: supported_versions (len=2)
 TLSv1.3 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
    Content Type: Change Cipher Spec (20)
    Version: TLS 1.2 (0x0303)
    Length: 1
    Change Cipher Spec Message

I understand I should find the certificate line and click right to export, but there is no certificate line. What am I doing wrong or not seeing?

Thanks

Marc

2019-10-10 08:40:50 +0000 received badge  Scholar (source)
2019-10-10 07:06:17 +0000 commented answer How to extract certificate from SSL session setup trace

But I see that the packet I am analysing is maxed out in size and followed by another also maxed and a third half empty

2019-10-10 07:02:02 +0000 commented answer How to extract certificate from SSL session setup trace

Hi Yes this option was required in the post I followed in the first place. It was, as still is checked. Could you pleas

2019-10-10 07:01:31 +0000 commented answer How to extract certificate from SSL session setup trace

Hi Yes this option was required in the post I followed in the first place. It was, as still is checked. Could you pleas

2019-10-09 13:38:12 +0000 commented answer How to extract certificate from SSL session setup trace

Hi again, After checking again, could I have a different formatting/interpretation because I am tracing the client TO PR

2019-10-09 13:30:02 +0000 received badge  Rapid Responder
2019-10-09 13:30:02 +0000 answered a question How to extract certificate from SSL session setup trace

Hello grahamb I agree that I had to update my version of WS to have a tls.xxx filter capability, but even then tls.hand

2019-10-09 10:19:19 +0000 asked a question How to extract certificate from SSL session setup trace

Hi, I have been working with Wireshark for years particularly as