whatsapp sniffing ssl traffic with wireshark
I've been reading a lot of things about sniffing whatsapp traffic and I already know is over ssl. But I need to know if is there any way to decrypt this ssl traffic once I dont know what is the private key that whatsapp is using for encrypting.
So how could I discover which certificate is being used or whether exists another way to decrypt those messages?
I dont want to read anybody's chats, my intention is really se the protocols messages through the network. To understand, make a reverse engineering and elaborate a simple JAVA api to personal job purposes.
I'm using wireshark to read the ssl traffic.
You can try a Man-in-the-middle attack using a proxy software that can generate a fake SSL cert, but it won't always work. Some of these apps using certificate pinning to prevent exactly this type of attack.
HTTP proxy:
http://fiddler2.com/get-fiddler
This software generates a obvious fake cert that you are able to accept if the app will allow.
Certificate Pinning:
https://security.stackexchange.com/questions/29988/what-is-certificate-pinning
- EC2 can't get a public ip address after stop-start
- How to detect top legit search engine bots?
- Network Link Conditioner seems to have no effect on network behavior on Lion, Mountain Lion
- Set time interval between loops in tcpreplay
- What are the chances of losing a UDP packet?
- What is the correct way to use RPCs in C# LiteEntitySystem
- Docker host network container service access under Windows
- tcp stream replay tool
- Should you deploy django with wsgi?
- TCP: How are the seq / ack numbers generated?
- iOS Marvel API: How to get all Characters
- RabbitMQ - How to connect RabbitMQ which is installed on other server (PC)
- whatsapp sniffing ssl traffic with wireshark
- How do I convert a network address with mask to CIDR-notation using PowerShell?
- Handling multiple WebSocket write requests in a continuous loop with Boost.Beast
- next/image not consistently loading when used within a docker container?
- Socket duplication when forking a process in C
- nginx redirecting all subdomains (when it shouldn't)
- How to pass a variable list to another play with different hosts
- Tell whether a text string is an IPv6 address or IPv4 address using standard C sockets API
- Azure Container Registry not accessible via private endpoint [403 Forbidden]
- Request packets received but not dispatched to aiohttp server
- How to use flush() in java networking using UDP
- Fastest way to identify Network Path Exists
- tcpdump does not capture all packets at high packet frequency
- Docker-compose container using host DNS server
- Create folders and sub folders on a network drive vs a mapped drive
- Can we automate API calls used in my iOS App and validate its response
- Swift return data from 2 URLSessions
- Why doesn't error occur in UDP socket communication?