12Ağu
How do I capture HTTPS requests with Python if I have full access to the user’s computer
Before any of you answer, "HTTPS is built on top of TLS and everything is encrypted"
I need to specify a very important note: I have FULL access to the client's machine (Windows)
My requirement is that I need to capture HTTP(s) requests
Below is the example code to run on the windows machine to capture HTTP requests
import scapy.all as scapy
from scapy.layers import http, tls
from scapy.arch.windows import get_windows_if_list
from pprint import pprint
SELF_IP = scapy.get_if_addr("Ethernet")
def sniff(interface):
scapy.sniff(iface=interface, store=False, prn=process_packet)
def process_packet(packet: scapy.Packet):
if packet.haslayer(http.HTTPRequest):
url = packet[http.HTTPRequest].Host.decode() + packet[http.HTTPRequest].Path.decode()
fields = packet[http.HTTPRequest].fields
# print(packet[http.HTTPRequest]
print(f"[+] HTTP Request >> {url}")
def print_interfaces():
interfaces = get_windows_if_list(extended=True)
for interface in interfaces:
pprint(interface)
# print(interface['name'] + " " + interface['guid'])
# print_interfaces()
sniff("Ethernet")
I've heard that, to decrpyt HTTPS requests, I need to find the private key, now where do I find this private key and how do I go about decrypting those HTTPS requests
