Mais conteúdo relacionado
Semelhante a Sniffing SSL Traffic (20)
Sniffing SSL Traffic
- 20. Normal RSA handshake Client Server ServerHello ClientHello Certificate ServerHelloDone ClientKeyExchange ChangeCipherSpec Finished (encrypted) ChangeCipherSpec Finished (encrypted)
- 34. Ephemeral RSA (or DH) handshake Client Server ServerHello ClientHello Certificate ServerHelloDone ClientKeyExchange ChangeCipherSpec Finished (encrypted) ChangeCipherSpec Finished (encrypted) ServerKeyExchange
- 37. Client Authentication Client Server ServerHello ClientHello Certificate ServerHelloDone Certificate ClientKeyExchange Finished (encrypted) ChangeCipherSpec Finished (encrypted) CertificateRequest CertificateVerify ChangeCipherSpec
- 43. Handshake of a Reused Session Client Server ServerHello ClientHello ChangeCipherSpec Finished (encrypted) ChangeCipherSpec Finished (encrypted)
- 48. Providing the server private key (1) tshark -r file.cap -o ssl.keys_list:192.168.3.3,443,http,"c:ey.pem" -o ssl.debug_file:"c:sl-debug.log" -V -R http ssl.keys_list: 192.168.3.3,443,http,c:ey.pem ssl.debug_file: c:empsl-debug.log Wireshark preferences file: When using Tshark:
- 50. Converting keys root@mgmt# openssl rsa -in encrypted.key -out cleartext.key Enter pass phrase for encrypted.key: <passphrase> writing RSA key root@mgmt# root@mgmt# openssl pkcs12 -in pem.cert -inkey pem.key -export -out cert.pkcs12 Enter Export Password: <new-passphrase> Verifying - Enter Export Password: <new-passphrase> root@mgmt# root@mgmt# openssl rsa -inform DER -in der.key -out pem.key Enter pass phrase for encrypted.key: <passphrase> writing RSA key root@mgmt# Removing passphrase: Converting from DER to PEM (and removing passphrase): Converting from PEM to PKCS12 (and adding passphrase):
- 57. Here is the user and password from logs Tail –f sslstrip.log
Notas do Editor
- Mostly used for bulk encryption How to exchange keys?
- public-private key Mostly used for secure key exchanges How to verify keys?