Saturday, March 20, 2021

Decrypting SSL/TLS data on an in-house device

I have a wired Ethernet device on my LAN (part of my solar panel setup) and I'd like to know what it's doing. If I port-scan it there are no open ports at all, although it responds to pings. There USED to be a web server on port 1234 that gave some basic stats, but this no longer works, so I presume that a firmware update has blocked it.

Using Wireshark I can see that the device is talking to a server that's in AWS's IP address range. But it won't talk to me directly, and the traffic I'm capturing is encrypted.

Purely as an academic exercise I'd like to be able to decrypt the captured packets. How easy is it to grab the necessary keys? Which tool should I google for first?

The device and my PC are both wired, btw. No Wi-Fi required. My switch allows port mirroring, which is how I can see the device's traffic.


