wireshark 解密浏览器https数据包
一、导出浏览器证书有两种方法
1、在浏览器快捷方式追加启动参数:
--ssl-key-log-file="d:\log\2.log"
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe --ssl-key-log-file="d:\log\2.log"
2、环境变量中新建用户变量SSLKEYLOGFILE=路径\2.log文件
选取那种都可以。 --ssl-key-log-file优先级大于SSLKEYLOGFILE
二、wireshark 点击编辑>首选项>protocol>tls:
三、配置好重启浏览器即可抓包:
四:看一个form表单提交抓包:
1、浏览器打开菜鸟教程在线编辑器 (runoob.com)
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>菜鸟教程(runoob.com)</title>
</head>
<body>
<h2>表单</h2>
<form action="/" method="post">
<!-- 文本输入框 -->
<label for="name">用户名:</label>
<input type="text" id="name" name="name" required>
<br>
<!-- 密码输入框 -->
<label for="password">密码:</label>
<input type="password" id="password" name="password" required>
<br>
<!-- 单选按钮 -->
<label>性别:</label>
<input type="radio" id="male" name="gender" value="male" checked>
<label for="male">男</label>
<input type="radio" id="female" name="gender" value="female">
<label for="female">女</label>
<br>
<!-- 复选框 -->
<input type="checkbox" id="subscribe" name="subscribe" checked>
<label for="subscribe">订阅推送信息</label>
<br>
<!-- 下拉列表 -->
<label for="country">国家:</label>
<select id="country" name="country">
<option value="cn">CN</option>
<option value="usa">USA</option>
<option value="uk">UK</option>
</select>
<br>
<!-- 提交按钮 -->
<input type="submit" value="提交">
</form>
</body>
</html>2、开启wireshark抓包
可以看到已经把form表单提交的用户名密码等信息解密了。
五、看下浏览器内部环境变量定义:
1、ssl-key-log-file定义在services\network\public\cpp\network_switches.cc
// Causes SSL key material to be logged to the specified file for debugging
// purposes. See
// https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format
// for the format.
const char kSSLKeyLogFile[] = "ssl-key-log-file";2、环境变量SSLKEYLOGFILE
content\browser\network_service_instance_impl.cc
base::FilePath ssl_key_log_path;
if (command_line->HasSwitch(network::switches::kSSLKeyLogFile)) {
UMA_HISTOGRAM_ENUMERATION(kSSLKeyLogFileHistogram,
SSLKeyLogFileAction::kSwitchFound);
ssl_key_log_path =
command_line->GetSwitchValuePath(network::switches::kSSLKeyLogFile);
LOG_IF(WARNING, ssl_key_log_path.empty())
<< "ssl-key-log-file argument missing";
} else {
std::unique_ptr<base::Environment> env(base::Environment::Create());
std::string env_str;
if (env->GetVar("SSLKEYLOGFILE", &env_str)) {
UMA_HISTOGRAM_ENUMERATION(kSSLKeyLogFileHistogram,
SSLKeyLogFileAction::kEnvVarFound);
#if BUILDFLAG(IS_WIN)
// base::Environment returns environment variables in UTF-8 on
// Windows.
ssl_key_log_path = base::FilePath(base::UTF8ToWide(env_str));
#else
ssl_key_log_path = base::FilePath(env_str);
#endif
}
}总结:优先取--ssl-key-log-file 再取SSLKEYLOGFILE环境变量值