All Questions
87
questions
-1
votes
1
answer
79
views
How do we secure our network traffic from packet sniffing tools [beyond TLS/SSL] [duplicate]
From following link: Decrypting TLS with Netsh/WireShark
I found its pretty easy to segregate the keys file from tcp requests and later decrypt with WireShark.
Are there any reliable/bullet-proof ...
0
votes
1
answer
49
views
Anlyzing PSK-TLS handshake (Handshake Finished record) in Wireshark
I am doing testing with some ethernet device, for which I use an own TLS implementation (using OpenSSL for the actual cryptographic functions). There are pre shared keys used. When I am connecting to ...
0
votes
1
answer
74
views
export burp certificate to wireshark for inspection
I am trying to figure out if i can take the burpsuite certificate and export it to wireshark to be able to inspect the traffic going through it. My main goal here is to test a website i own to see ...
2
votes
1
answer
237
views
Decrypt SSL with Wireshark supported browsers
I've been following the guide:
https://www.comparitech.com/net-admin/decrypt-ssl-with-wireshark/
Using it for chrome and Safari on MacOS does not populate any keys in the file, Did browsers stop keys ...
3
votes
2
answers
568
views
Decrypting network traffic and finding HTTPS private key
I've been battling with one school task for couple days and can't seem to find any idea how to solve it. The task is pretty simple:
Log in to the server using SSH. The answer to the task is in ...
0
votes
0
answers
162
views
Wireshark can't decrypt TLS from a specific python library
I have a problem. I'm using Wireshark 4.0.8. I created my ssl file to store my "(pre)-master-secrets". I can thus decrypt TLS from my browser or from different python libraries without ...
1
vote
0
answers
232
views
Wireshark decrypt TLS 1.2 from WCF client
I have managed to decrypt TLS 1.2 data using Wireshark on a connection from the browser to the WCF service, but cannot manage to do the same with the WCF client.
I'm not sure what is the difference, ...
1
vote
1
answer
2k
views
SNI visible in HTTP/3, QUIC connection?
Client Hello should be encrypted in HTTP/3 and QUIC, but in Wireshark I can still see SNI of the QUIC connection when using DoH.
The names should be encrypted inside the Handshake/CRYPTO packets.
is ...
1
vote
1
answer
944
views
Is this wireshark capture using TLS 1.2 or 1.3?
Which version of TLS is being used here?
0
votes
0
answers
94
views
Is SSL necessary when sending password to a API from a server?
I have bought a online service which allows me to send SMS messages by making a call to the provider's SOAP-API.
This is the WSDL I need to send a message:
<?xml version="1.0"?>
<...
4
votes
1
answer
4k
views
Can we add TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 on windows server 2012 using gpedit although not supported by windows OS by default?
We are using IIS on Windows 2012-R2 server to host dotnet apps. From the app, when we try connecting to an external 3rd party api we see TLS handshake failure. On running ssllabs test on that api, I ...
15
votes
3
answers
4k
views
Can an HTTPS request be sent twice?
When sniffing network traffic, one can see an HTTPS packet and all its (encrypted) data.
I am wondering what would happen if this packet is copied and then re-sent.
Is there a protocol at some layer ...
1
vote
0
answers
325
views
How to extract Wireshark keylog from a Java JSSE TLSv1.3 Session
Is it possible to extract the Wireshark keylog information directly from the TLSv1.3 handshake in a Java app? If so, how do I map the fields, or is additional material not shared in the handshake ...
0
votes
2
answers
4k
views
How to know whether mysql connection is using SSL or TLS connection?
I want to verify whether mysql remote connection is using tls/ssl connection for security purposes.
I ran status command to check initially:
mysql> status
--------------
mysql Ver 8.0.19 for osx10....
5
votes
2
answers
1k
views
Wireshark - How to monitor TLS traffic from a malware? (It does not write into the SSLKEYLOGFILE)
I recently found malware that uses TLS 1.2 to communicate with the c2 server.
I wanted to check the content of that but is encrypted. I have tried the method with the SSLKEYLOGFILE but unlike for ...