We'll download an example capture from the
SampleCaptures section on the Wireshark wiki (https://wiki.wireshark.org/SampleCaptures). Once you go to the
SampleCaptures page, go down to
Specific Protocols and Protocol Families |
HyperText Transport Protocol (
If you click on that, we'll have a list of some basic HTTP captures that we can look at. At the bottom it has a link to
SSL with decryption keys, and we'll download the top link
snake-oil2 070531.tgz file. All you'll need to do is extract that so that you can get to the files within.
By default, Windows can only extract
.zip files, so you'll need to download something like 7-Zip or WinRAR in order to open it.
When you open the cap file, you'll see that it's an older file. This is actually from somewhere around 2007, probably, so it's not a
pcapng file. But it...