|
|
|
|
|
|
by e12e
1755 days ago
|
|
|
In addition to what others have mentioned - you could probably find the session keys in ram - but for a system without debug knobs, injecting your own certificate authority is probably easier. For stuff using nss(Firefox)/openssl/gnutls - you can usually just ask nicely for a copy: > The key log file is a text file generated by applications such as Firefox, Chrome and curl when the SSLKEYLOGFILE environment variable is set. To be precise, their underlying library (NSS, OpenSSL or boringssl) writes the required per-session secrets to a file. This file can subsequently be configured in Wireshark https://wiki.wireshark.org/TLS#TLS_Decryption https://gnutls.org/manual/html_node/Debugging-and-auditing.h... |
|
|