Is it possible to decrypt messages of a communication over ssl

Question

There is such a windows application that communications with the server through https protocol, it is an auction tool and works only several hours per month. I have captured network packets (by windows network monitor) during one auction.

I am wondering whether it is possible to mimic this client, by analyzing the the packets I collected (or any packets I could collect in future auctions). I know from this wireshark artical "Secure Socket Layer (SSL)" that it should be possible (and without much effort) to descypt the entrypted messages from server, but how? And is it possible to dectrypt the messages sent by client to server, too?

Answer 1

So the whole reasoning behind SSL is that third party listeners who are trying to receive and decrypt packets between your client and the server won't be able to do so. The packets that your clients send will be encrypted and the server will need the appropriate key to decrypt the message which you could then analyze using wireshark. This article does a good job of explaining how HTTPS works. To answer your questions:

 Is it possible to mimic the client of a https web service

Yep, this is available in a lot of different tools. A popular tool you could implement this with is called Jmeter. This article explains how you can send HTTPS requests to your server. Once you exchange the key pairs between your client (JMeter in this case) you will be able to decrypt messages on both ends which have been sent in an encrypted format over the wire.

Please let me know if you have any questions!