A simple wrapper script to work with decryption of TLS in Wireshark using the (pre-)master secret.
$ wireshark-tls.py firefox/google-chrome/...
$ wireshark-tls.py curl -iL api.github.comThe script automatically sets the environment variable SSLKEYLOGFILE and launches the wrapped program. If no args are specified, the default shell ($SHELL on *nix or Git Bash/PowerShell/Windows PowerShell/Command Prompt on Windows) is launched.
| #!/usr/bin/env python3 | |
| import os | |
| import shutil | |
| import subprocess | |
| import sys | |
| WINDOWS_SHELLS = [ 'git-bash', 'pwsh', 'powershell', 'cmd' ] | |
| DEFAULT_LOGFILE_PATH = os.path.join(os.path.expanduser('~'), '.wireshark-keylogfile.txt') | |
| LOGFILE_KEY = 'SSLKEYLOGFILE' | |
| def get_default_args(): | |
| try: | |
| return [ os.environ['SHELL'] ] | |
| except KeyError: | |
| for shell in WINDOWS_SHELLS: | |
| found_executable = shutil.which(shell) | |
| if found_executable: | |
| return [ found_executable ] | |
| return [] | |
| def log(message, *args, **kwargs): | |
| print(f'{os.path.split(sys.argv[0])[-1]}: {message}', file=sys.stderr, *args, **kwargs) | |
| def main(): | |
| if len(sys.argv) > 1: | |
| args = sys.argv[1:] | |
| else: | |
| args = get_default_args() | |
| if not args: | |
| log('missing command to run and cannot find default shell') | |
| return 1 | |
| logfile_path = os.getenv(LOGFILE_KEY) or DEFAULT_LOGFILE_PATH | |
| log('please set the secret log file in Wireshark (Edit > Preferences > Protocols > TLS) to:') | |
| log('') | |
| log(f' {logfile_path}') | |
| log('') | |
| os.environ[LOGFILE_KEY] = logfile_path | |
| return subprocess.run(args).returncode | |
| if __name__ == '__main__': | |
| sys.exit(main()) |