First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

How to decrypt data?

  • retag add tags

I’m not even a beginner but have downloaded Wireshark on my mac to monitor my home WiFi network.

I’m trying to decrypt the data but can’t manage to find the sore-master key. I’ve tried terminal and nano and used the help below but I haven’t had success. Can anyone help?

Thanks

Open Launchpad, click Other, and launch a terminal to run this command in Mac OSX:

nano ~/.bash_profile

The following steps are the same for both operating systems.

At the end of the file, add this line:

Bash Command

export SSLKEYLOGFILE=~/.ssl-key.log

Press Ctrl+X, Y to save your changes.

Bash Profile

Close the terminal window and open another to set the variable, then type the following to confirm it’s been set successfully:

echo $SSLKEYLOGFILE

After you execute the command, you should see output similar to the image above. /Users/comparitech/.ssl-key.log is the full path to my SSL pre-master key log. Note: You’ll want to make a note of yours, which will be different, to enter in Wireshark.

Now that the variable has been set, you can move on to the next set of steps.

Lexy09's avatar
1
Lexy09
asked 2022-06-01 19:51:33 +0000
grahamb's avatar
23.8k
grahamb
updated 2022-06-02 17:33:52 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

...and the next steps involve a web browser that is used to connect to a website using HTTPS?

Because that is what is involved with using $SSLKEYLOGFILE, decryption of TLS connections with web browsers acknowledging $SSLKEYLOGFILE.

If your purpose is to monitor the WiFi network you'll have to start looking at monitor mode, setting of decryption parameters in IEEE 802.11 preferences. And even then, newer Macs may need even more hoops to jump through.

Jaap's avatar
13.7k
Jaap
answered 2022-06-02 13:37:28 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Thanks for your reply, much appreciated.

I just don’t get any joy with seeing this step: Users/comparitech/.ssl-key.log

It is a new Mac so this could be the issue.

Is there any other software you think could be used to decrypt for n mac?

I’m wanting to monitor my home WiFi - apps, browsers visited as I’m worried my daughter is getting bullied. I know you can’t see exactly what is written or anything but just an idea of what is accessed and when would be a big help.

Thanks again for helping a beginner!!

Lexy09's avatar Lexy09 (2022-06-02 14:23:42 +0000) edit
more
  • delete

Can you get any sort of paid help to decrypt these files?

Thanks

Lexy09's avatar Lexy09 (2022-06-03 13:06:52 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer