All Questions
14
questions
0
votes
1
answer
5k
views
How can I view the TLS 1.2 and 1.3 certificates in Wireshark?
I'm testing a new proxy and monitoring the connection using Wireshark, but I'm not seeing any certificate at all. my goal is to find out exactly what sensitive and identifiable data is leaving my ...
10
votes
1
answer
10k
views
In Wireshark where can I find the TLS Server's Certificate
I'm looking at a TLS v1.3 headers in Wireshark and I'm not sure where I would find the server certificate that is used to confirm that the server is who they claim to be.
The Client Sends Hello then ...
3
votes
2
answers
9k
views
How does the Client Hello message choose the Record Layer version?
I have two Client Hello messages from the same client to different servers, my client supports TLS 1.2 and TLS 1.3 as seen in the client hello supported versions.
In the first message the client ...
1
vote
1
answer
508
views
Specify no check certificate for npm dependency?
I'm trying to install a private gitlab repo in my project.
My package.json contains:
"dependencies": {
"<my-private-repo>": "git+https://<token>@<server>/<user>/<repo>...
0
votes
1
answer
2k
views
How to decrypt Outlook traffic in Wireshark?
I have to follow Comparitech's
SSL Decryption Guide: How to Decrypt SSL with Wireshark.
But it is not working for Outlook - Office 365 mail traffic.
I'm seeing traffic on port 443 only and it's SSL-...
1
vote
1
answer
409
views
Seeking explanation of occurences during Wireshark SSL/TLS decryption
Currently using:
OS: Official Kali Linux 2019.4
Browser:
Chromium Version 76.0.3809.100 (Developer Build) built on Debian bullseye/sid, running on Debian kali-rolling (64-bit)
Wireshark 2.6.10 (Git ...
0
votes
2
answers
1k
views
How to get actual network traffic of an application?
Firstly, sorry for bad English.
I have an application that runs on Citrix Workspace and generally I runs application from .ica extension file format. So I can access the database using this ...
1
vote
0
answers
757
views
Certificate Request and the certificate available in store not matching
I am trying to connect to a third party API which have a mutual TLS authentication setup enabled. So I am supposed to install my client certificates inside my key store and send it on TLS handshake ...
0
votes
1
answer
119
views
Human readable SSL/TLS packets
If I have a protocol-analyzer/packet-sniffer, such as wireshark installed on a particular device..
(or in this case; tcpdump & tshark etc. on my smartphone..)
..should I be able to read ...
1
vote
1
answer
6k
views
Wireshark's reassembled PDU consists of TCP segment size > MSS?
I'm looking into a Wireshark record provided by someone, to analyze something for them. Wireshark has conveniently reassembled 3 TCP segments that all transported a single TLS packet. The TLS packet ...
0
votes
1
answer
2k
views
How to check which TLS cipher suite is used in tcp connection
I am using imapfilter to sort my mails on a remote IMAP server provided by some company. My configuration restricts imapfilter to the usage of TLS 1.2 via STARTTLS. I do know how to check which TLS ...
2
votes
0
answers
329
views
How to use wireshark to decode SSL stream from remote API server?
I'm trying to troubleshoot some issues with what my code is sending to a remote API (over https). I've seen a ton of articles on Wireshark and decoding SSL, but they all make up their own test server ...
3
votes
1
answer
9k
views
How to use Charles as proxy to decrypt HTTPS messages in Wireshark?
I know I can view decrypted HTTPS data directly in Charles. But I want to view lower level SSL messages in Wireshark. So I setup Charles as the SSL proxy, using my own certificate, and I setup SSL ...
1
vote
1
answer
593
views
Wireshark TLS communication shows green HTTP packets when using CCProxy proxy server?
Client <--> CCProxy <--> Server
I have IE configured to use a proxy server for HTTP and Secure connections. I also have a proxy server is set up with CCProxy. It is my understanding that ...