wireshark 解密浏览器https数据包

一、导出浏览器证书有两种方法

1、在浏览器快捷方式追加启动参数：

--ssl-key-log-file="d:\log\2.log"

C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe  --ssl-key-log-file="d:\log\2.log"

2、环境变量中新建用户变量SSLKEYLOGFILE=路径\2.log文件

选取那种都可以。 --ssl-key-log-file优先级大于SSLKEYLOGFILE

二、wireshark 点击编辑>首选项>protocol>tls：

三、配置好重启浏览器即可抓包：

 四：看一个form表单提交抓包：

1、浏览器打开菜鸟教程在线编辑器 (runoob.com)

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8"> 
<title>菜鸟教程(runoob.com)</title> 
</head>
<body><h2>表单</h2><form action="/" method="post"><!-- 文本输入框 --><label for="name">用户名:</label><input type="text" id="name" name="name" required><br><!-- 密码输入框 --><label for="password">密码:</label><input type="password" id="password" name="password" required><br><!-- 单选按钮 --><label>性别:</label><input type="radio" id="male" name="gender" value="male" checked><label for="male">男</label><input type="radio" id="female" name="gender" value="female"><label for="female">女</label><br><!-- 复选框 --><input type="checkbox" id="subscribe" name="subscribe" checked><label for="subscribe">订阅推送信息</label><br><!-- 下拉列表 --><label for="country">国家:</label><select id="country" name="country"><option value="cn">CN</option><option value="usa">USA</option><option value="uk">UK</option></select><br><!-- 提交按钮 --><input type="submit" value="提交"></form></body>
</html>

2、开启wireshark抓包

可以看到已经把form表单提交的用户名密码等信息解密了。 

五、看下浏览器内部环境变量定义：

1、ssl-key-log-file定义在services\network\public\cpp\network_switches.cc

// Causes SSL key material to be logged to the specified file for debugging// purposes. See// https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format// for the format.const char kSSLKeyLogFile[] = "ssl-key-log-file";

2、环境变量SSLKEYLOGFILE

content\browser\network_service_instance_impl.cc

      base::FilePath ssl_key_log_path;if (command_line->HasSwitch(network::switches::kSSLKeyLogFile)) {UMA_HISTOGRAM_ENUMERATION(kSSLKeyLogFileHistogram,SSLKeyLogFileAction::kSwitchFound);ssl_key_log_path =command_line->GetSwitchValuePath(network::switches::kSSLKeyLogFile);LOG_IF(WARNING, ssl_key_log_path.empty())<< "ssl-key-log-file argument missing";} else {std::unique_ptr<base::Environment> env(base::Environment::Create());std::string env_str;if (env->GetVar("SSLKEYLOGFILE", &env_str)) {UMA_HISTOGRAM_ENUMERATION(kSSLKeyLogFileHistogram,SSLKeyLogFileAction::kEnvVarFound);
#if BUILDFLAG(IS_WIN)// base::Environment returns environment variables in UTF-8 on// Windows.ssl_key_log_path = base::FilePath(base::UTF8ToWide(env_str));
#elsessl_key_log_path = base::FilePath(env_str);
#endif}}

总结：优先取--ssl-key-log-file 再取SSLKEYLOGFILE环境变量值