A short article about SSL
#1
I was browsing around looking for the hash lengths of MD5 and SHA-1 and found this :)
It's pretty good, so here it is

Secure Socket Layer (SSL)

SSL provides communication security between two hosts. It provides integrity, authentication and confidentiality. It is used most commonly in web browsers, but can be used with any protocol that uses TCP as the transport layer.

History

SSL was originally a Netscape project realized in association with MasterCard, Bank of America, MDI & Silicon Graphics. The first version, SSLv1, wasn't released. SSLv2 was replaced by SSLv3 in 1999 because of security problems. At this time, SSL became a standard so IETF bought a patent and created TLS in 2001 (standard actually used a derivation of SSLv3).

Protocol dependencies

TCP: Typically, SSL uses TCP as its transport protocol.
Some well known TCP ports for SSL traffic are

443 https
636 ldaps
989 ftps-data
990 ftps
992 telnets
993 imaps
994 ircs
995 pop3s
5061 sips

Example traffic

Below is an excerpt from the snakeoil2 capture:


Secure Socket Layer
    SSLv2 Record Layer: Client Hello
        Length: 103
        Handshake Message Type: Client Hello (1)
        Version: SSL 3.0 (0x0300)
        Cipher Spec Length: 78
        Session ID Length: 0
        Challenge Length: 16
        Cipher Specs (26 specs)
            Cipher Spec: SSL2_RC4_128_WITH_MD5 (0x010080)
            [ more Cipher Specs deleted ]
        Challenge

Secure Socket Layer
    SSLv3 Record Layer: Handshake Protocol: Server Hello
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 74
        Handshake Protocol: Server Hello
            Handshake Type: Server Hello (2)
            Length: 70
            Version: SSL 3.0 (0x0300)
            Random
                gmt_unix_time: Apr 24, 2006 11:04:15.000000000
                random_bytes: FE81ED93650288A3F8EB63860E2CF68DD00F2C2AD64FCD2D...
            Session ID Length: 32
            Session ID (32 bytes)
            Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
            Compression Method: null (0)
    SSLv3 Record Layer: Handshake Protocol: Certificate
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 836
        Handshake Protocol: Certificate
            Handshake Type: Certificate (11)
            Length: 832
            [ Certificate details deleted ]
    SSLv3 Record Layer: Handshake Protocol: Server Hello Done
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 4
        Handshake Protocol: Server Hello Done
            Handshake Type: Server Hello Done (14)
            Length: 0

Secure Socket Layer
    SSLv3 Record Layer: Handshake Protocol: Client Key Exchange
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 132
        Handshake Protocol: Client Key Exchange
            Handshake Type: Client Key Exchange (16)
            Length: 128
    SSLv3 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: SSL 3.0 (0x0300)
        Length: 1
        Change Cipher Spec Message
    SSLv3 Record Layer: Handshake Protocol: Finished
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 64
        Handshake Protocol: Finished
            Handshake Type: Finished (20)
            Length: 36
            MD5 Hash
            SHA-1 Hash

Secure Socket Layer
    SSLv3 Record Layer: Change Cipher Spec Protocol: Change Cipher Spec
        Content Type: Change Cipher Spec (20)
        Version: SSL 3.0 (0x0300)
        Length: 1
        Change Cipher Spec Message
    SSLv3 Record Layer: Handshake Protocol: Finished
        Content Type: Handshake (22)
        Version: SSL 3.0 (0x0300)
        Length: 64
        Handshake Protocol: Finished
            Handshake Type: Finished (20)
            Length: 36
            MD5 Hash
            SHA-1 Hash

Secure Socket Layer
    SSLv3 Record Layer: Application Data Protocol: http
        Content Type: Application Data (23)
        Version: SSL 3.0 (0x0300)
        Length: 432
        Encrypted Application Data: 4AC33E9D7778012CB4BC4C9A84D7B9900C2110F0FA007C16...
Hypertext Transfer Protocol
    GET / HTTP/1.1\r\n
        Request Method: GET
        Request URI: /
        Request Version: HTTP/1.1
    Host: localhost\r\n
    User-Agent: Mozilla/5.0 (X11; U; Linux i686; fr; rv:1.8.0.2) Gecko/20060308 Firefox/1.5.0.2\r\n
    Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\n
    Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3\r\n
    Accept-Encoding: gzip,deflate\r\n
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n
    Keep-Alive: 300\r\n
    Connection: keep-alive\r\n
    \r\n

Wireshark

The SSL dissector is fully functional and even supports advanced features such as decryption of SSL if the encryption key can be provided and Wireshark is compiled against GnuTLS (rather than OpenSSL or bsafe).

Preference Settings

If Wireshark is compiled with SSL decryption support, there will be a new option in the preferences for SSL. This only works for RSA key exchange if the RSA keys can be provided. If the key entry option is absent, verify that your Wireshark is linked against the required GnuTLS library. This can be done with wireshark -v. The output should include GnuTLS and GCrypt. If you see "without GnuTLS, without Gcrypt", then you will need to reconfigure with --with-gnutls, recompile and reinstall.

RSA keys list

This option specifies the bindings between an IP address, a port, a protocol and a decryption key.
Example: 127.0.0.1,443,http,/path/to/snakeoil2.key

You can specify several such bindings by separating them with ';'.

UNIX/Linux example:


127.0.0.1,443,http,/path/to/snakeoil2.key;10.1.1.1,8080,smtp,/other/path/key.pem

Note: The path to the key file doesn't support ~ expansion.


Windows example:


127.0.0.1,443,http,c:\path\to\snakeoil2.key

The file can either be a 'PEM' format private key or a PKCS#12 keystore. If the file is a PKCS#12 keystore, the password for the keystore must be specified as a fifth element, for example:


127.0.0.1,443,http,c:\path\to\snakeoil2.p12,password

Key File format conversion

The file format needed is 'PEM'. Note that it is common practice on webservers to combine the public key (or certificate) and the private key in a single PEM file.

In that case - locate this PEM file and cut and paste the section headed by 'PRIVATE KEY' (including header and footer) into a new 'file.key' file.

On Windows keys are often stored in PKCS7/DER format (locally) or in NET format (from any directory server). Use the following to convert:


# for PKCS7/DER keys (as held on disk)
openssl pkcs8 -nocrypt -in derfile.key -inform DER -out key.pem -outform PEM
# for NET keys (from the directory server)
openssl pkcs8 -nocrypt -in file.ick -inform NET -out key.pem -outform PEM

On MacOSX, Solaris, around Oracle and various other systems the file format used is often PKCS#12. Convert with:


openssl pkcs12 -nodes -in file.p12 -out key.pem -nocerts

And check that the file contains a 'PRIVATE KEY' header, i.e. it should look like this:


-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAtIvaDmeOGleYuxT01GfAmgugHVlqCOFfGYqy3gxMWt/fxO/7
s7BJzqnhAFOWBjmBAdj7hHmPyCoJM7/MdCDJt1y7d20BJAGxD0ZQ4kxzGZDCjc5z
....... some 20-100 lines of base64 encoded data ...............
Jh2kZkKoVG3Qr+66IlBDuVllIbwQU0F1fYy2FTjZL4vbmdupwHUyTnPK57vP8RJ7
cpc1qwLZxfurxZfhI9gxXOO5eUg1WBupw029SSoSafYBqO4a9wg1OA==
-----END RSA PRIVATE KEY-----

On Linux you may occasionally encounter a wrongly packaged DER or NET file with a certain commercial product, in which case you can use:


openssl x509 -in foo.der -inform DER -out key.pem -outform PEM
openssl x509 -in foo.net -inform NET -out key.pem -outform PEM

and then manually edit the file to leave just the 'PRIVATE KEY' section.

start_tls

SSL may be introduced underneath a protocol in the course of a conversation through the use of a "start_tls" command. For example, an LDAP conversation may be proceeding on port 389 until the LDAP client issues a "start_tls" command - see RFC2830 - at which point the subsequent LDAP operations are protected by SSL.

If the key list is specified as:


127.0.0.1,389,ldap,c:\path\to\snakeoil2.key


then all the traffic on port 389 will be treated as SSL, including the LDAP traffic prior to the "start_tls" command.

In order to dissect both clear LDAP traffic and the SSL protected LDAP traffic (on the same port), use the string "start_tls" rather than the port number. For example:


127.0.0.1,start_tls,ldap,c:\path\to\snakeoil2.key


Example capture file

SampleCaptures/snakeoil2_070531.tgz: set the RSA keys list to 127.0.0.1,443,http,/path/to/rsasnakeoil2.key to decrypt [Unix/Linux]

Display Filter

A complete list of SSL display filter fields can be found in the display filter reference.

Show only the SSL based traffic:
ssl

Capture Filter

You cannot directly filter SSL protocols while capturing. However, if you know the TCP port used (see above), you can filter on that one.

Complete walk through

Ensure you have a version of Wireshark with GnuTLS support:


$ wireshark --version
wireshark 1.0.0

Copyright 1998-2008 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.9, with GLib 2.16.3, with libpcap 0.9.8, with libz
1.2.3, without POSIX capabilities, with libpcre 7.4, with SMI 0.4.7, with ADNS,
without Lua, with GnuTLS 2.2.2, with Gcrypt 1.4.0, with Heimdal Kerberos,
without PortAudio, without AirPcap.

Running on FreeBSD 7.0-RELEASE, with libpcap version 0.9.8.

Built using gcc 4.2.1 20070719 [FreeBSD].

Specifically check for "with GnuTLS 2.2.2" in the output.

Next create a server certificate with:


openssl req -new -x509 -out server.pem -nodes -keyout privkey.pem -subj /CN=localhost

Now run a server using the above:


openssl s_server -www -ssl3 -cipher AES256-SHA -key privkey.pem

and test that the server works by going to https://localhost:4433/ (use the flag -accept 443 to bind the above to the normal https port).

Now start Wireshark and add the above privkey.pem in the SSL preference pane:

http://people.apache.org/~dirkx/settings.png

This should result in a config snippet in the file ~/.wireshark/preferences:


ssl.desegment_ssl_records: TRUE
ssl.desegment_ssl_application_data: TRUE
ssl.keys_list: 127.0.0.1,4443,http,/home/dirkx/xx/privkey.pem
ssl.debug_file: /home/dirkx/.wireshark-log

and configure the capturing:

http://people.apache.org/~dirkx/config.png

and then do a test request; for example with the command


openssl s_client -ssl3

followed by typing


GET / HTTP/1.0
<empty line>

Then stop your capture. The screen should look like the attached:

http://people.apache.org/~dirkx/dump.png

And the TCP connection like

http://people.apache.org/~dirkx/tcp.png

and analyzing the SSL shows you:

http://people.apache.org/~dirkx/ssl.png

Or if you want to observe authentication with a client cert; try the following:


# Generate self signed cert
openssl req -new -x509 -nodes -out client.pem -keyout client.key -subj /CN=Moi/O=Foo/C=NL

# Start a server
openssl s_server -ssl3 -cipher AES256-SHA -accept 4443 -www -CAfile client.pem -verify 1 -key privkey.pem

# And test
(echo GET / HTTP/1.0; echo ; sleep 1) | openssl s_client -connect localhost:4443 -ssl3 -cert client.pem -key client.key

# tshark commands
tshark -o "ssl.desegment_ssl_records: TRUE" -o "ssl.desegment_ssl_application_data: TRUE" -o "ssl.keys_list: 127.0.0.1,4443,http,/home/dirkx/xx/privkey.pem" -o "ssl.debug_file: /home/dirkx/.wireshark-log" -i eth0 -R "tcp.port == 4443"

The log should look like http://people.apache.org/~dirkx/wireshark.log. Or, a more realistic example with Firefox is at http://people.apache.org/~dirkx/wireshark-firefox.log (from 10.11.0.200->10.11.0.111, port 4433).

Using the (Pre)-Master-Secret

Decoding an SSL connection requires either knowledge of the (asymmetric) secret server key and a handshake that does not use DH, or the (base of) the symmetric keys used to run the actual encryption. Support was added to Wireshark with SVN revision 37401 to do this, so it became available with Wireshark 1.6. For instructions, look at ask.wireshark.org.

External links

http://en.wikipedia.org/wiki/Secure_Sockets_Layer Wikipedia article for SSL
http://eventhelix.com/RealtimeMantra/Networking/SSL.pdf Description of the basic cryptographic concept of SSL
http://blogs.sun.com/beuchelt/entry/decr..._wireshark Blog entry with additional details on SSL decryption with Wireshark
http://sharkfest.wireshark.org/sharkfest...Tshark.pps Sharkfest presentation by Sake Blok on troubleshooting SSL with Wireshark/Tshark (or watch the video of the presentation at http://www.lovemytool.com/blog/2009/06/s...ok_11.html)
The First Few Milliseconds of an HTTPS Connection

Discussion

Very cool. Any chance this can be expanded, for example to decrypt the ClientKeyExchange, and see the key material?
Is it possible to decrypt a TLS connection protected by a server and a client certificate? I couldn't get it to work.

Source: here
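
Added example, not part of the original post or of Wireshark: a Python parser for the record framing shown in the capture excerpt (SSLv2-framed Client Hello, then SSLv3 records) that also reports whether the Server Hello selected a plain RSA key exchange, the only case the RSA keys list can decrypt. The byte strings are constructed to match the lengths in the excerpt, and the names parse_records, server_hello and rsa_key_decrypts are hypothetical.

```python
import struct

CONTENT = {20: "ChangeCipherSpec", 21: "Alert", 22: "Handshake", 23: "ApplicationData"}
HANDSHAKE = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
             14: "ServerHelloDone", 16: "ClientKeyExchange", 20: "Finished"}
# suite id -> (name, key exchange); only plain RSA works with the RSA keys list
SUITES = {0x0035: ("TLS_RSA_WITH_AES_256_CBC_SHA", "RSA"),
          0x0039: ("TLS_DHE_RSA_WITH_AES_256_CBC_SHA", "DHE")}

def parse_records(data):
    """Walk one direction of a TCP stream and describe each SSL record."""
    out, pos, encrypted = [], 0, False
    while pos < len(data):
        if data[pos] & 0x80:  # SSLv2 framing: 2-byte header, 15-bit length
            length = struct.unpack_from(">H", data, pos)[0] & 0x7FFF
            msg, version = struct.unpack_from(">BH", data, pos + 2)
            out.append({"layer": "SSLv2", "version": version, "length": length,
                        "type": "ClientHello" if msg == 1 else "unknown"})
            pos += 2 + length
            continue
        ctype, version, length = struct.unpack_from(">BHH", data, pos)
        body = data[pos + 5:pos + 5 + length]
        if len(body) < length:
            raise ValueError("truncated record at offset %d" % pos)
        rec = {"layer": "SSLv3", "type": CONTENT.get(ctype, "unknown"),
               "version": version, "length": length}
        if ctype == 22 and body and not encrypted:
            rec["handshake"] = HANDSHAKE.get(body[0], "unknown")
            if body[0] == 2:  # ServerHello: header(4) version(2) random(32)
                sid_len = body[38]
                suite = struct.unpack_from(">H", body, 39 + sid_len)[0]
                name, kex = SUITES.get(suite, ("0x%04x" % suite, "unknown"))
                rec.update(suite=name, rsa_key_decrypts=(kex == "RSA"))
        elif ctype == 20:
            encrypted = True  # records after ChangeCipherSpec are ciphertext
        out.append(rec)
        pos += 5 + length
    return out

def server_hello(suite):
    """Constructed ServerHello record with the field sizes shown in the capture."""
    body = struct.pack(">H32sB32sHB", 0x0300, bytes(32), 32, bytes(32), suite, 0)
    hs = bytes([2]) + len(body).to_bytes(3, "big") + body
    return struct.pack(">BHH", 22, 0x0300, len(hs)) + hs

# Constructed samples: SSLv2-framed ClientHello, then CCS + encrypted Finished.
CLIENT_HELLO = (bytes([0x80, 103, 1]) + struct.pack(">HHHH", 0x0300, 78, 0, 16)
                + bytes.fromhex("010080") * 26 + bytes(16))
CCS_FINISHED = bytes.fromhex("140300000101" "1603000040") + bytes(64)
```

A DHE suite in the Server Hello means the server's RSA key alone will not decrypt the session, which is the case the (Pre)-Master-Secret section covers.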


#2
Not bad, 65 views and a 4-star rating :) nice :)

#3
Whoa . . . . awesome, bro Juni :)
Thanks for sharing the article, mind if I save it? :)