How do I view the communications of proprietary applications installed on my PC?
When I looked at this communication using Wireshark, I found that the communication with the server was encrypted with SSL, and I didn't know the actual content.
If I can get a common key encrypted with a public key in SSL, I think I can decrypt the contents. Is there any way?
The server's private key is unknown due to proprietary applications.
Application Running Operating System: Windows 10 Home
windows network ssl wireshark
To decode SSL communication in Wireshark
One of the following is required, but this requirement seems difficult.
If your application supports HTTP Proxy, you can use a debug proxy like Fiddler.You can impersonate the certificate, so you can also pick up SSL communications.However, it is not recommended that the application take action against certificate camouflage.
Technically, it's possible to interrupt SSL communications instead of explicitly using proxy to disguise the certificate, but I can't think of any application that could do this easily.
It's supposed to be on Windows.
Internet Explorer, Windows Update and others have internal communication libraries, each published as Windows Internet (WinINET) and Windows HTTP Services (WinHTTP)
Proprietary applications rarely handle SSL on their own, and are expected to use the above libraries or libraries such as OpenSSL.Luckily, if you are using the above libraries, the API is published, so you can also hook the API call to view plaintext data returned to the application after SSL decryption.If OpenSSL is dynamically linked to DLLs, I think it is equally possible, but I have no experience.
There are technical difficulties such as how to hook, so I will refrain from answering any specific instructions.
© 2024 OneMinuteCode. All rights reserved.