
How to decrypt TLSv1.2 traffic from a Wireshark capture file in Wireshark


Hello. I want to decrypt some TLSv1.2 traffic in Wireshark. This traffic was captured from NetworkMiner and saved as a Wireshark capture file. The traffic belongs to a mobile app. I used BlueStacks on Windows to capture this mobile app's traffic. Now I want to decrypt the TLSv1.2 traffic from the saved Wireshark capture file. NetworkMiner also saved certificate files (.cer files). How can I decrypt this TLSv1.2 traffic in this situation? Thanks.

ilqar200
asked 2022-02-25 22:34:14 +0000

1 Answer


It's likely that you won't be able to decrypt the traffic as you don't have the correct keying material. The certificate files probably don't have the private keys and would only be usable if the traffic was encrypted using certain ciphers.

More information on decrypting traffic and how to obtain the keying material can be found on the Wiki page for TLS.

grahamb
answered 2022-02-25 23:54:18 +0000
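
The two conditions from the answer above can be checked before spending time in Wireshark. The following is an added example, not part of the original answer: it classifies a saved file as certificate or private key and tests whether the negotiated cipher suite (as shown in the Server Hello) uses RSA key exchange, the case in which a server RSA private key can decrypt a capture. The function names and sample bytes are constructed for illustration, and the DER check is a heuristic based only on the first inner tag.

```python
import re

# PEM labels that mean the file carries private key material.
PRIVATE_LABELS = {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY",
                  "ENCRYPTED PRIVATE KEY"}
PEM_RE = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----.*?-----END \1-----", re.S)

def der_first_inner_tag(der):
    """Return the tag of the first element inside the outer DER SEQUENCE."""
    if len(der) < 3 or der[0] != 0x30:
        return None
    first_len = der[1]
    # Short form: one length byte. Long form: low 7 bits count the length bytes.
    offset = 2 + ((first_len & 0x7F) if first_len & 0x80 else 0)
    return der[offset] if offset < len(der) else None

def classify_key_file(data):
    """Classify file bytes as 'private-key', 'certificate' or 'unknown'."""
    labels = {label.decode() for label in PEM_RE.findall(data)}
    if labels:
        if labels & PRIVATE_LABELS:
            return "private-key"
        return "certificate" if "CERTIFICATE" in labels else "unknown"
    # Not PEM, so try DER. An X.509 certificate begins SEQUENCE{SEQUENCE ...};
    # PKCS#1, PKCS#8 and SEC1 private keys begin SEQUENCE{INTEGER version ...}.
    # Heuristic only: encrypted PKCS#8 in DER form is not recognised here.
    return {0x30: "certificate", 0x02: "private-key"}.get(
        der_first_inner_tag(data), "unknown")

def rsa_key_can_decrypt(file_kind, cipher_suite):
    """True only for a private key combined with an RSA key exchange suite."""
    # TLS_RSA_WITH_* suites send the premaster secret encrypted to the server key.
    # TLS_DHE_* / TLS_ECDHE_* suites and all TLS 1.3 suites use ephemeral keys,
    # so per-session secrets are needed instead of the server private key.
    return file_kind == "private-key" and cipher_suite.startswith("TLS_RSA_WITH_")

# Constructed sample inputs (truncated stubs, not real keys or certificates).
SAMPLE_PEM_CERT = b"-----BEGIN CERTIFICATE-----\nTUlJ\n-----END CERTIFICATE-----\n"
SAMPLE_DER_CERT = bytes.fromhex("3082010a308200f2a003")
SAMPLE_DER_KEY = bytes.fromhex("30820122020100")

if __name__ == "__main__":
    suite = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"  # constructed example value
    for name, blob in [("pem cert", SAMPLE_PEM_CERT), ("der cert", SAMPLE_DER_CERT),
                       ("der key", SAMPLE_DER_KEY)]:
        kind = classify_key_file(blob)
        print(name, kind, rsa_key_can_decrypt(kind, suite))
```
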