I tried that days ago with Wireshark. SimCity uses SSL for server communication and it has hard coded certificates - it does not use the OS SSL certificates. This prevents you from using a self signed cert to decrypt the data, at least without complicated patching of the game exe.
How about catching the packets before SSL? I have no knowledge about modern Windows debugging, or how Simcity might block a debugger. But I guess you could pinpoint the location of the messages just before SSL encryption, and just dump them out?
That sounds plausible. Again, I'm not a windows guy, but unless they've statically linked the SSL libraries, you should just be able to inject your own dll and capture the data on the way into the library.
I would think that they have statically linked it, which is why I thought about using a debugger to catch the data. With dynamically linked library, such as OpenSSL, it would be quite easy to capture the data.
