How to Decrypt HTTPS Traffic with Wireshark // TLS Decryption // Wireshark Tutorial

Let's decrypt some HTTPS traffic! In this tutorial, we are going to capture the client side session keys by setting an environment variable in Windows, then feed them to Wireshark for TLS 1.3 decryption.

Follow along with me by downloading the trace file and keylog file here:
https://bit.ly/decrypttraffic

Steps to capture client session key:
Open Control Panel:System
Select Advanced System Settings
Select Environment Variables
Add a new variable: SSLKEYLOG
Save to a location with a name ending in *.log
Restart Chrome (You may have to reboot Windows in some cases)
Capture Traffic
Add the keylog file to the TLS Protocol in Wireshark Preferences.

Like/Share/Subscribe!

Want some more hands-on with Wireshark?
----------------------FREE ON DEMAND TRAINING -------------------------------
Getting Started with Wireshark (Intro Course) - https://bit.ly/wiresharkprotocols
Foundational TCP with Wireshark - https://bit.ly/wiresharktcp
Mastering TCP with Wireshark - https://bit.ly/mastertcp
Troubleshooting Slow Networks with Wireshark - https://bit.ly/wiresharktshoot
Visualizing Network Traffic with Wireshark - https://bit.ly/wiresharkgraphs

Or - check out a live class.
-------------------LIVE WIRESHARK TRAINING ------------------------
Network Analysis Fundamentals with Wireshark - https://bit.ly/virtualwireshark

Or - let's chat about your traces!
--------------- Trace File Analysis Services -----------------------
Got packet problems that you need help digging into?
https://www.packetpioneer.com/contact

Видео How to Decrypt HTTPS Traffic with Wireshark // TLS Decryption // Wireshark Tutorial канала Chris Greer