ayosec/Debug HTTPS Connections.md

Created November 30, 2018 14:12

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/ayosec/52ef4942bf3e0e8dd310d40298749814.js"></script>
Save ayosec/52ef4942bf3e0e8dd310d40298749814 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

Debug HTTPS Connections.md

Debug HTTPS Connections

Set SSLKEYLOGFILE to a path where private keys will be stored:
```
$ export SSLKEYLOGFILE=/some/path/keylog
$ firefox
```

Capture HTTPS traffic:

$ sudo tcpdump -s0 -i any -w /some/path/data.pcap

Analyze the captured traffic:

$ tshark                                 \
    -o ssl.keylog_file:/some/path/keylog \
    -r /some/path/data.pcap              \
    -Tjson                               \
    -e http.request.method               \
    -e http.request.full_uri             \
    -e http.file_data                    \
    -e http.response.code                \
    -Y http.request.method==POST