@opt1kz said:
Having this exact same problem. Using older versions of Wireshark hasn’t helped. Extracting the private key from the PEM file to its own, separate file (as suggested by various Wireshark articles) hasn’t helped. I see the two binary streams as well as the cleartext exfiltration session, but I can’t do a f***ing thing with any of it. Incredibly frustrating.
I’ve even tried with other tools such as network miner but got nowhere 