OK so I'm struggling to understand TLS/SSL authentication on a wifi network with no login. Are different private keys generated for each device on the network, and if so how do they bind the keys to that device? Is it by IP address or MAC address?
> Are different private keys generated for each device on the network
It's even finer-grained than that: each application running on each device has a new random key for the duration of the session.
>>59988718
Any ideas then on how you would decrypt the traffic with WS running in monitor mode?
>>59988867
You don't, that's the point.
The magic of TLS/SSL and asymmetric crypto in general is that it can guarantee (in theory) secure communication over an insecure channel.
As long as the client or server themselves aren't compromised, you're safe. No man in the middle can figure out what is being said by snooping.
>>59989021
You can force traffic to be unencrypted using sslstrip.
>>59989021
You can set your browser to dump SSL encryption keys, which can be used to decrypt SSL network dumps in Wireshark.
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format
>>59989076
Or this, yeah.
>>59989043
How does this work, does it intercept and rewrite links during HTTP communication so that it never enters HTTPS?
>>59989076
But will that decrypt all the data captured by WS in monitor mode, or only the devices/applications which use those particular encryption keys?
>>59989043
I don't think the client will let you downgrade with HSTS enabled.
>>59989211
sslstrip2
everything else depends if the user is autistic enough
>>59989156
Obviously only those that are explicitly set up this way and use the NSS library, as the possibility to decrypt connections is something you normally want to avoid.
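Added example, not part of the thread: a short Python parser for the NSS Key Log Format linked above, showing why a key log only covers the sessions of the application that wrote it. Each line is keyed by the 32-byte client random of one handshake, so a capture can only be matched against connections whose randoms appear in the file. The function names and the sample values are constructed for illustration.

```python
import re

# Secret labels from the NSS Key Log Format (TLS 1.2 and TLS 1.3).
LABELS = {
    "CLIENT_RANDOM", "CLIENT_EARLY_TRAFFIC_SECRET",
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
    "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0",
    "EARLY_EXPORTER_SECRET", "EXPORTER_SECRET",
}
# "<label> <32-byte client random, hex> <secret, hex>"
LINE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]{64}) ((?:[0-9a-fA-F]{2})+)$")

def parse_keylog(text):
    """Map client random (lowercase hex) -> set of labels logged for it."""
    sessions = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        # Comments (#), blank lines, legacy "RSA" lines and junk are skipped.
        if m and m.group(1) in LABELS:
            sessions.setdefault(m.group(2).lower(), set()).add(m.group(1))
    return sessions

def key_coverage(keylog_text, captured_randoms):
    """For each ClientHello random seen in a capture, list the logged secrets."""
    sessions = parse_keylog(keylog_text)
    return {r: sorted(sessions.get(r.lower(), ())) for r in captured_randoms}

# Constructed sample data (not real key material).
TLS12 = "aa" * 32   # session from the browser that logs keys (TLS 1.2)
TLS13 = "bb" * 32   # second session from the same browser (TLS 1.3)
OTHER = "cc" * 32   # session from a device that logs nothing
SAMPLE_KEYLOG = "\n".join([
    "# constructed sample, not real secrets",
    f"CLIENT_RANDOM {TLS12} {'11' * 48}",
    f"CLIENT_HANDSHAKE_TRAFFIC_SECRET {TLS13} {'22' * 32}",
    f"SERVER_HANDSHAKE_TRAFFIC_SECRET {TLS13} {'33' * 32}",
    f"CLIENT_TRAFFIC_SECRET_0 {TLS13} {'44' * 32}",
    f"SERVER_TRAFFIC_SECRET_0 {TLS13} {'55' * 32}",
    "CLIENT_RANDOM tooshort 00",
])

if __name__ == "__main__":
    result = key_coverage(SAMPLE_KEYLOG, [TLS12, TLS13, OTHER])
    for rnd, labels in result.items():
        print(rnd[:8], labels or "no logged secrets: stays opaque")
```
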
>>59989222
Do you have a good article explaining how HSTS is defeated in this case?