Results 1 to 2 of 2

Thread: Is it possible to decrypt TLS / HTTPS traffic on mobile device using ettercap and Wireshark?

  1. #1
    Join Date

    Is it possible to decrypt TLS / HTTPS traffic on mobile device using ettercap and Wireshark?

    So I was recommended a video on YouTube where they showcased ARP poisoning and Wireshark, which made me very interested so I played around with it for a little bit.
    I also tried decrypting data using Wireshark on my home network using the sslkeylogfile method which I found super fascinating, I managed to see a lot of data that had been encrypted using TLS / HTTPS, but this time around it was decrypted.

    That being super cool, I started wondering if this could be taken a step futher? Doing the same thing but on other devices on the same network.
    For instance, if I were to perform a MITM attack on my own network, between my mobile phone and my router, where my laptop would be the MITM. I learned that you can use what's called ARP poisoning / spoofing to intercept the data between the router and the device. However the data would be encrypted due to TLS / HTTPS.
    Is it possible to perform the same sslkeylogfile method? I've read that it only works on Chromium and Firefox based browsers, so Safari probably wouldn't work no? Unless Safari is Chromium based which I have no idea about.

  2. #2
    Join Date
    Safari and Chrome are both based on the original webkit engine, however, safari and chrome split some years back (at least 6 from memory) and since then have gone there own ways. Safari is much more locked down than Chrome, and they are not compatible.

    To try and crack TLS/HTTPS you have to use SSL stripping, and yes, you could be man in the middle with your phone.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts