- March 7, 2021 at 2:12 am #370004
I am trying to sniff and decrypt HTTPS requests that come from a binary I am running.
What is the best way to do so?
I know a possible way is a man in the middle, but it would also require changing the root certificates on my computer because the binary does validate the certificate. Do you know some utility to do this whole process more easily?
- March 7, 2021 at 2:12 am #370005
I’m not sure whether it will work or not, but you can use Charles Proxy to sniff HTTPS connections.
- March 7, 2021 at 2:12 am #370006
I believe [Frida](https://frida.re/) is able to inject code to bypass certificate pinning. I have only used Frida for Android, although it worked great in that instance.
You can use Fiddler, Burp Suite, Charles, etc. for generating the certificate and decrypting the HTTPS traffic.
- March 7, 2021 at 2:12 am #370007
You can dump the network traffic with tcpdump or Wireshark or similar and decrypt it to re-run it later, if you have access to the keys from the server.