LINE
How do I get the SSL certificate or session key from LINE for decrypting the HTTPS traffic?
In detail, how do I get the SSL certificate or session key from LINE for decrypting the HTTPS traffic with Wireshark? I want to decrypt the HTTPS traffic so I can reverse engineer some code.
Even if you got the reversed data, you can't know what's inside it except by reversing the Thrift. Why not try to tunnel all TCP to our proxy so we can monitor all activity (HTTPS can be monitored, but it's encrypted)? In that case, it's hard to find the "decrypt" for the data.
This is possible. (It's how I've been reversing the API). But it's not for the faint of heart or those who aren't familiar with doing this kind of work.
The short answer is that you have to get the key from your system. Wireshark allows for decrypting SSL traffic on the fly if you provide the key. I have a workaround that works for this API but I'd rather not share it publicly since it can be used for analyzing encrypted data.
As @anysz has mentioned, the only other option is to tunnel traffic through a proxy server. As it relays traffic, it can also capture the SSL request during the initial handshake. You'll need a virtual machine and a bit of Googling for this method. This is called a "Man In The Middle" attack. You might also encounter the term "SSL Forward Proxy". The studious among you should have enough to get a Google degree with that.
https://en.wikipedia.org/wiki/Man-in-the-middle_attack
Real-life implementations include the following:
- DSniff – the first public implementation of MITM attacks against SSL and SSH
- Fiddler2 HTTP(S) diagnostic tool
- NSA impersonation of Google
- Opendium Iceni Content-control software, used to perform inspection of HTTPS traffic at the gateway.
- Superfish malware
- Websense Content Gateway – used to perform inspection of SSL traffic at the proxy
- wsniff – a tool for 802.11 HTTP/HTTPS based MITM attacks
See also:
- Aspidistra transmitter – a British radio transmitter used for World War II "intrusion" operations, an early man-in-the-middle attack.
- Babington Plot – the plot against Elizabeth I of England, where Francis Walsingham intercepted the correspondence.
- Boy-in-the-browser – a simpler type of web browser MITM
- Computer security – the design of secure computer systems.
- Cryptanalysis – the art of deciphering encrypted messages with incomplete knowledge of how they were encrypted.
- Digital signature – a cryptographic guarantee of the authenticity of a text, usually the result of a calculation only the author is expected to be able to perform.
- Evil Maid Attack – attack used against full disk encryption systems
- Interlock protocol – a specific protocol to circumvent a man-in-the-middle attack when the keys may have been compromised.
- Key management – how to manage cryptographic keys, including generation, exchange and storage.
- Key-agreement protocol – a cryptographic protocol for establishing a key in which both parties can have confidence.
- Man-in-the-browser – a type of web browser MITM
- Man-on-the-side attack – a similar attack, giving only regular access to a communication channel.
- Mutual authentication – how communicating parties establish confidence in one another's identities.
- Password-authenticated key agreement – a protocol for establishing a key using a password.
- Quantum cryptography – the use of quantum mechanics to provide security in cryptography (while older methods rely on one-way functions).
- Secure channel – a way of communicating resistant to interception and tampering.
- Spoofing attack