I got a HTTP-Post in Wireshark with a encrypted payload. Where can I add the Key for decrypting the content? The Content should be JSON and the encryption is AES 128 bit. I got the Key in HEX.
There was no success using several online decryption tools.
Wireshark accepts keys in PEM format. They usually look like this:
-----BEGIN ENCRYPTED PRIVATE KEY-----
Mxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END ENCRYPTED PRIVATE KEY-----
To enter the key in Wireshark, you need to go to Edit-> Preferences -> Protocols -> SSL
Note that the ability of any tool to decipher the encrypted stream depends on the key-exchange mechanism. If the client and server use, for example, a variation of the Diffie-Hellman algorithm for key exchange, it would be impossible to decrypt the stream.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.