Hi there,
I downloaded the Unsniff trial version to test its TLS decryption features. I am particularly interested in decrypting resumed session.
For that purpose, I captured the entire traffic of an FTPS (implicit) connection and saved it as .pcap file. I then followed the instructions on
www.unleashnetworks.com/resources/articl...tls-decryption.html.
Unfortunately, nothing happens and nothing is being decrypted. For example, I don't even see unsniff identifying the TLS handshake packets as such. Am I missing a step maybe?
The cipher used is RSA_WITH_AES_256_CBC_SHA, which I read is supported. Also, I am certain that I am using the correct key and have it imported correctly into unsniff.
Any advice?
Regards,
Nigel