How to really decrypt WPA2 packets?

Hello, I’ve read and tried the many so called decrypt WPA2 802.11 packets out there in YouTube and other sites, but it seems when I try it, only if do a MITM attack does it seldomly work. The only part that works is if I’m visiting at HTTP page, and these days everything is HTTPS.

So how does one do an offline decrypt of HTTPS WPA2 traffic? I hear the 3 way handshake must be in the capture and then you can pass credentials to Wireshark, right? Well I did all this but Wireshark still doesn’t show the basics like the URL visited, logins,etc.
I also tried sslstrip.
The goal woold be to capture WIFi WPA2 traffic and be able to see what website were visited and any pictures.
Anyone know how to really do this?

for what I understand you are not trying to decrypt the WPA2 packets, meaning you have the wifi password and have access to the network right?

Since you already have access, you need MITM or DNS poisoning to redirect traffic. Https is by nature encrypted so you wont be able to decrypt the traffic without ssl strip (or if you had the private key of the web server).

The 3 way handshake has nothing to do with encryption, is just TCP’s way to agree to start exchanging information.

my advise would be: since you already have access to the network, use mitm (you can read about mitmf -mitm framework) you can do arp poisoning or dns poisoning to redirect traffic through your computer (remember to do the proper network config on your pc) you’ll capture the traffic that way. Also read about Xplico. might be useful

Hi that is correct I have access to the network but with MITM when tried it a few times the sslstrip doesn’t really work. I visted websites, logged into email accounts but sslstrip didn’t show me anything. I have used Xplico as well, very nice GUI tool but since the cap file is encrypted this tool also didn’t show much.

For MITM I read that sometimes the target user will see webpages with url that is not secure. Is there a way to “snoop” and target user has no clue packets are being rerouted via MITM? And good tutorials out there that really work?
I not a newbie at this but I see a lot of videos out on YouTube where u follow to the letter but no results. Most of the time is because videos are like 4 years old.
Any help on this would be great.