Ethereal-users: Re: [Ethereal-users] Seeing the data sent through ssl comunication

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: Hansang Bae <hbae@xxxxxxxxxx>
Date: Sun, 08 Aug 2004 14:01:28 -0400
At 04:29 AM 8/3/2004, Jordi Masramon wrote:
>How do you exactly decode ssl in order to see the application data sent?
>I am capturing the traffic between my browser and my web server but I cannot see the data sent using ssl. 
>I have tried to use "tools/Decode as.." but it doesn't seem to work at all. I still see application data as an unredable junk.


This is a major pain.  couple of approaches are: 

1)  Use a proxy so you can sniff from there.  Since you control the proxy, you can decrypt the packets.  

2)  Try using a debug (checked) version of I.E's DLL (if you're using IE. while this isn't perfect, you can see what requests are being sent.

3)  Try using something like WebDetective on the PC itself.

hsb