New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Decrypted TLS packets #6
Comments
json2pcap is script which processes tshark jsonraw output (output from CLI based wireshark) and backward assemble pcap. It is not proper encoder, just uses raw hex dump of dissected fields from jsonraw output to assemble it in reverse order. What can be achieved has certain limitations and the result depends on the input tshark json. The wireshark and tshark has capabilities to decrypt TLS/SSL or IPSec. Here are some links which could be useful. Here is combined example from the above links:
|
Thanks for looking at this. |
Follow up to #5
json2pcap
a possible solution to Export PCAP containing decrypted traffic?The
http
information is in the JSON output butjson2pcap
produces a garbled pcap:The output above is from
Files: dump.pcapng, premaster.txt
from the Wireshark Wiki Sample Captures - SSL with decryption keysThe text was updated successfully, but these errors were encountered: