0

I have IOT device running on openwrt and would like to sniff traffic between IOT device application which runs and sends traffic to Cloud. Application itself uses SSL certificates as I can see in /SSL folder there is 3 certificates like Cacert.pem, newcert.pem, newkey.pem I can see that application is using websocket: Sec-WebSocket-Key: ZSKgM............ WebSocket-Protocol: ldc Sec-WebSocket-Version: 13

Its possible to make decryption of traffic going towards cloud ? Certificates on IOT device is used by application and I can't replace them in easy way.....

Vaikis2006
  • 39
  • 5
  • 1
    Welcome to Stack Overflow! Please read the [help pages](https://stackoverflow.com/help), take the [SO tour](https://stackoverflow.com/tour), read about [how to ask good questions](https://stackoverflow.com/help/how-to-ask), as well as this [question checklist](https://codeblog.jonskeet.uk/2012/11/24/stack-overflow-question-checklist/). Have you checked out Wireshark's documentation on TLS decryption? – Ross Jacobs Feb 01 '20 at 20:18
  • Yes, I have checked. What suggestions to use iot device certificates for mitm proxy? – Vaikis2006 Feb 02 '20 at 06:56
  • is any way to use mitmproxy for such task ? IOT device has ca cert, cert and cert key – Vaikis2006 Feb 02 '20 at 22:17
  • https://github.com/mitmproxy/mitmproxy/issues/3807#issuecomment-581648759 – Vaikis2006 Feb 03 '20 at 22:29

0 Answers0