stackoom
  简体   繁体   中英

Encryption in Wireshark (HTTP, AES, JSON)

 原文  2016-11-28 10:15:46       http/ encryption/ aes/ wireshark

Question

I got a HTTP-Post in Wireshark with a encrypted payload. Where can I add the Key for decrypting the content? The Content should be JSON and the encryption is AES 128 bit. I got the Key in HEX.

There was no success using several online decryption tools.

1 answers

solution1
 0  2016-11-28 12:22:36

Wireshark accepts keys in PEM format. They usually look like this: 

    -----BEGIN ENCRYPTED PRIVATE KEY-----
Mxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END ENCRYPTED PRIVATE KEY-----

To enter the key in Wireshark, you need to go to Edit-> Preferences -> Protocols -> SSL

Note that the ability of any tool to decipher the encrypted stream depends on the key-exchange mechanism. If the client and server use, for example, a variation of the Diffie-Hellman algorithm for key exchange, it would be impossible to decrypt the stream.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Wireshark not showing http protocols trace http packet with wireshark Simple Http alternative for Wireshark Wireshark HTTP Trace HTTP and HTTPS Response in wireshark http request statistics in wireshark About Wireshark and http/tcp stream Wireshark – HTTP filter not working on macOS What's the meaning of http protocol fields in Wireshark? Decode HTTP packet content in python as seen in wireshark
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM