Client Server SSL Decryption

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Client Server SSL Decryption

L0 Member

Hi Folks ;


I have a distributed software on my internal network and everyone is using it. It's like endpoint and it has a server .this server sometimes sends something to the server in the direction of the internet.
I want to look into the data that it sends. I don't know if it is leaking critical information or what.

I opened SSL Decypt and got packet capture from Palo alto but it is full of encrypted fail errors

This is not a website because let me explain simply, the server inside sends a TLS SSL connection to the outside and ports the data, how can I see inside the data posted inside.

There is SSL Decryption on websites and it works, but how can I decrypt a software that communicates Client - Server?

 

susipicious.JPG

1 REPLY 1

Cyber Elite
Cyber Elite

Hello,

You might not be able to. There are some apps that use certificate pining to prevent ssl decryption in the middle, or man-in-the-middle. 

 

Sorry it doesnt truly answer your question.

 

Regards,

  • 419 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!