How can I decrypt/decode TLS packets in Wireshark?

I need to analyze TLS packets and want to see the actual packets going through TLS. What exactly is the decoding procedure and what exactly are the requirements?
saini_er Asked:
ravenpl Commented:
You will not. That's the purpose of using SSL/TLS.

If you had the server's private SSL key (and possibly the client's, if in use), you could descramble the initial TLS handshake packets, which contain the key and cipher id to be used during regular transmission. Then, having those two, you could descramble the subsequent traffic. Note that the key is renegotiated periodically.

Yet I'm not aware of any tool doing this automatically for you.
Does anybody know such a tool?
0
Tolomir (Administrator) Commented:
Take a look at http://www.fiddler2.com/fiddler2/ as it has already helped me a lot:

Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language.

Fiddler is freeware and can debug traffic from virtually any application, including Internet Explorer, Mozilla Firefox, Opera, and thousands more.

Tolomir
0
Tolomir (Administrator) Commented:
If you want more details about the TLS technique, please check:

http://en.wikipedia.org/wiki/Secure_Sockets_Layer
0
saini_er (Author) Commented:
My basic purpose is to correlate TLS traffic with the corresponding RTP traffic on the LAN side for a VoIP MGCP call. Is there any systematic procedure to analyze this using timestamps/payload in Wireshark?
0
Tolomir (Administrator) Commented:
As ravenpl mentioned, you are not supposed to see TLS packets decrypted as a man in the middle.

Tolomir
0
saini_er (Author) Commented:
I do have some idea about that, but still I have seen a lot on the web about the possibility of TLS. Where do I need to copy the RSA certificate?
0
saini_er (Author) Commented:
Does anybody know how to compare the payload of the actual packet with the TLS encrypted packet?
0

Question has a verified solution.
