ok first i just want to say i love the show, its great, so much technical information to get the ideas flowing and a good place to start and give you some great tips to get you going. there just isnt a show like it, ive been looking for webcasts or podcasts such as this for a long time. also if anyone else knows of a good place for me to find alternative webcasts such as these, please inform me. :)
i would like to state that i am only interested in this particular topic for my own proof of concept and have no intentions to use it in nefarious ways.
ok.. so heres my problem.
OS: Windows XP --- yes that is the first problem!! D:
Software: Wireshark
basically ive done a pcap of my own gmail login routine and i would like to decrypt the packets and obtain my password. ive done a little bit of research on ssl and the key exchange, my interpretations is that a public key is provided to me through an Equifax Secure eBusiness certificate for gmail, and the private key is held by the gmail server. the problems i am having is using the certificate with wireshark to decrypt the ssl packets. the guides i found were either for the linux port of wireshark or just poorly explained.
Questions:
after i have the pcap, how do i use the certificate or public key to decrypt the packets?
is the Equifax Secure eBusiness cert the correct certificate to be using?
is the public key even stored within this cert? or is it contained within the pcap?
where is the certificate physically stored on my disk in XP?
i know i can export the certificates through firefox, but to what format? what is compatible with wireshark?
am i on the completely wrong track?
i am very much interested to get this resolved and this seems like the best choice of board to be asking such questions. :)
please reply back as i have lost faith in teh internetz trukz D: