I have been using MITM for decrypting https traffic , using tools like fiddler and burpsuite . Is there a way to decrypt packet sent over TLS, any guidance would be a real help.
Asked
Active
Viewed 3,738 times
0
-
I'm pretty sure this is a duplicate but I can't find the post right now. The tl;dr is that you will need the TLS master key, which means you will need have complete control over at least one of the two endpoints. – forest Mar 14 '18 at 05:55
-
I surely searched from the questions , if you find it letme know , otherwise dont mark it duplicate, thanks – Amit Chahal Mar 14 '18 at 08:25
1 Answers
0
Capture
- --> Open Fiddler
- --> Tools
- --> Fiddler Options
- Set the option boxes as shown in the image below:
Source: How do I use Fiddler to capture HTTP/HTTPS sessions for debugging?
Decrypt
If you haven't already, enable the Decrypt HTTPS traffic option, shown in the image above. You can read how to decrypt TLS traffic with Fiddler in the How come I can see full HTTPS requests via Fiddler? thread, which links to a set of instructions.
-
but this shows the data for https traffic not TLS , as for tls fiddler outputs tunnel to 443 – Amit Chahal Mar 14 '18 at 08:24