Reputation: 389
How to check method-type in a https tcp packet
What i want to do is to parse the method-type of a HTTPS message using wireshark. I saw that for a HTTP message I see that for a 'GET' message, on the first row I see 'Get ...'. Now I want to check the same for a HTTPS message, but I dont see any field flagging the method-type.
What am I missing?
Upvotes: 0
Views: 226
Answers (2)
Reputation: 3541
HTTPS is HTTP over SSL. The entire HTTP request is encrypted as SSL record and that is what the server receives. And server/client reach this stage only on setting up the SSL tunnel successfully. You need to invoke appropriate methods to unwrap the SSL layer and get the application data.
I assume you are trying to decode it from Wireshark. You will need to posses the server's private key to get the data out. Wireshark has the means to load the key. It shall then display the decrypted data in the capture. - http://support.citrix.com/article/CTX116557
Upvotes: 0
Reputation: 123320
HTTPS is HTTP inside a SSL tunnel. So you need to first decrypt the data of the SSL tunnel before you could find out which method is used. Unless you can get access to the keys of the encryption there is no way to decode the content and get at the HTTP traffic.
Upvotes: 1
Related Questions
- How does Wireshark identify a TCP packet's protocol as HTTP?
- determine if TCP connection uses SSL
- Check if URL is HTTPS or HTTP protocol?
- Packet analysing in wireshark - How to distinguish HTTP protocol from TCP
- How to distinguish between different type of packets in the same HTTPS traffic?
- Check if request comes over HTTP or HTTPS in socket listener
- How to detect an incoming SSL (https) handshake (SSL wire format)?
- finding content-type from wireshark
- How can I determine on the server-side when an incoming request is HTTPS?
- c# Recognize Https Packets