@2006 Frank4DD
ssldump and sslsniffer download
ssldump 0.9b3
It is available at http://www.rtfm.com/ssldump/
Written by Eric Rescorla.
Limitation: works only on the webserver
sslsniffer 1.21
It is available at http://crypto.stanford.edu/~eujin/sslsniffer/
Written by by Eu-Jin Goh andi Dan Boneh from Stanford University
Limitation: doesn't show encrypted html data
Analyzing example with ssldump
susie:~ # ssldump -i eth0 host 172.20.203.72 or host 172.20.203.73 or host
172.20.203.74 and port 74 -d
New TCP connection #1: susie.frank4dd.com(2318) <-> n30prxy2.frank4dd.com(74)
0.0006 (0.0006) C>S
---------------------------------------------------------------
CONNECT n30clf1:443 HTTP/1.0
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.2 (like
Gecko)
Host: n30clf1
---------------------------------------------------------------
0.0026 (0.0020) S>C
---------------------------------------------------------------
HTTP/1.0 200 Connection established
---------------------------------------------------------------
1 1 0.0064 (0.0037) C>S SSLv2 compatible client hello
Version 3.0
cipher suites
SSL_RSA_WITH_RC4_128_MD5
SSL2_CK_RC4
SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL2_CK_RC2
SSL2_CK_3DES
SSL_DHE_RSA_WITH_AES_256_CBC_SHA
SSL_DHE_DSS_WITH_AES_256_CBC_SHA
SSL_RSA_WITH_AES_256_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_AES_128_CBC_SHA
SSL_DHE_DSS_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_AES_128_CBC_SHA
SSL_DHE_DSS_WITH_RC4_128_SHA
SSL2_CK_RC464
SSL2_CK_DES
SSL_DHE_DSS_WITH_RC2_56_CBC_SHA
SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
SSL_RSA_EXPORT1024_WITH_RC4_56_MD5
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
1 2 0.0092 (0.0028) S>C Handshake
ServerHello
Version 3.0
session_id[32]=
1e 91 7c 13 27 49 07 b0 73 d6 8f fe 5a bf a6 8e
b3 b1 11 f7 37 31 8b 25 25 96 2d 2e ed 83 05 75
cipherSuite SSL_RSA_WITH_RC4_128_MD5
compressionMethod NULL
1 3 0.0092 (0.0000) S>C Handshake
Certificate
1 4 0.0092 (0.0000) S>C Handshake
ServerHelloDone
1 5 0.0097 (0.0005) C>S Handshake
ClientKeyExchange
1 6 0.0097 (0.0000) C>S ChangeCipherSpec
1 7 0.0097 (0.0000) C>S Handshake
1 8 0.0238 (0.0140) S>C ChangeCipherSpec
1 9 0.0238 (0.0000) S>C Handshake
1 10 0.0503 (0.0265) C>S application_data
1 11 0.1212 (0.0708) S>C application_data
1 16.1616 (16.0403) C>S TCP FIN
1 17.6403 (1.4787) S>C TCP FIN
Use keys to follow the encrypted traffic
susie:~ # openssl x509 -in test.pem -pubkey -noout > testpubkey.pem susie:~ # cat testpubkey.pem -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7bH5JmLVmnsU3Y22sOq TxuhLbjVv7km33l06QLxWglT0HPwJt69dME9A2cAAo1tIjIJAZI6ViDKUI9SyI8p uybCcrb123lxVyTgaA+uNZmyLKW91TNFM84esTc+9/gB36/FEmK8LvYAmRHSpsF4 NzwCdLzFRL6K0FoqGxkGNNmvh5FNd9CMWVRUzdZ3Sczs9XTfDROJ9Sq1f0BFTuVL LGpbzM88p00451AOhZiHzlDD9CRGFtas3BgoBEYM81UM6uvQhc+kw12iuEjRG2E8 lFvvZogkhaeZeZ+kkS8JgeQ2FW6onwlWZojllOfy8YPtYurc1eenbLj04oexmjT0 gQIDAQAB -----END PUBLIC KEY-----
On the web server, execute the following example command to see decrypted SSL communication
webclf1:/etc/apache-ssl# ssldump -d -k /etc/apache-ssl/apache.pem -i eth0 port
443
New TCP connection #1: n30prxy2.frank4dd.com(36041) <-> webclf1(443)
1 1 0.0059 (0.0059) C>S SSLv2 compatible client hello
Version 3.0
cipher suites
SSL_RSA_WITH_RC4_128_MD5
SSL2_CK_RC4
SSL_RSA_WITH_RC4_128_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL2_CK_RC2
SSL2_CK_3DES
Unknown value 0x39
Unknown value 0x38
Unknown value 0x35
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Unknown value 0x33
Unknown value 0x32
Unknown value 0x2f
SSL_DHE_DSS_WITH_RC4_128_SHA
SSL2_CK_RC464
SSL2_CK_DES
SSL_DHE_DSS_WITH_RC2_56_CBC_SHA
SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
SSL_RSA_EXPORT1024_WITH_RC4_56_MD5
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
1 2 0.0061 (0.0001) S>C Handshake
ServerHello
Version 3.0
session_id[32]=
1f c8 11 c9 46 92 8b ae 3b 9f 4f 0d f4 ab f6 bf
aa fc dd 64 bc d4 90 98 c7 35 45 4e 28 16 34 a1
cipherSuite SSL_RSA_WITH_RC4_128_MD5
compressionMethod NULL
1 3 0.0061 (0.0000) S>C Handshake
Certificate
1 4 0.0061 (0.0000) S>C Handshake
ServerHelloDone
1 5 0.0092 (0.0031) C>S Handshake
ClientKeyExchange
1 6 0.0092 (0.0000) C>S ChangeCipherSpec
1 7 0.0092 (0.0000) C>S Handshake
Finished
1 8 0.0216 (0.0124) S>C ChangeCipherSpec
1 9 0.0216 (0.0000) S>C Handshake
Finished
1 10 0.0518 (0.0301) C>S application_data
---------------------------------------------------------------
GET /cert.shtml HTTP/1.1
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.2 (like
Gecko)
Referer: https://webclf1/
Accept: text/html, image/jpeg, image/png, text/*, image/*, */*
Accept-Encoding: x-gzip, x-deflate, gzip, deflate
Accept-Charset: utf-8, utf-8;q=0.5, *;q=0.5
Accept-Language: en, de, ja
Host: webclf1
Authorization: Basic Zm1pZ2dlOnRlc3QxMjMh
---------------------------------------------------------------
1 11 0.1399 (0.0881) S>C application_data
---------------------------------------------------------------
HTTP/1.1 200 OK
Date: Tue, 07 Nov 2006 09:43:54 GMT
Server: Apache/1.3.33 Ben-SSL/1.55 (Debian GNU/Linux) mod_python/2.7.10
Python/2.3.4 PHP/4.3.10-16 mod_auth_pam/1.1.1 mod_perl/1.29
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1
9ed
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta name="generator" content="Bluefish,vim">
<meta name="copyright" content="">
<meta http-equiv="expires" content="5">
<meta name="description" content="">
<link rel="stylesheet" type="text/css" href="/css/style.css">
<meta http-equiv="Content-Style-Type" content="text/css">
<title>HTML Index Page</title>
</head>
<body>
<hr noshade>
<h2><span class="kopf"> <a href="http://myweb"> My WebSite</a>
<a href="http://www.frank4dd.com/howto"> Remote Howtos</a></span></h2>
<h1><span class="kopf">
<i>Central Logging Facility Root Certificate</i></span></h1>
<hr class="c1">
<h2>The Local Root Certificate</h2>
<br>
<p>
Here is how to install the root certificate on your machine.
Please click <a href="ca/root_cert.crt">here</a> to install
the root certificate.
Depending on your browser will be presented an import dialouge.
Follow it to install.
Here are some details you might want to check:
</p>
<table BORDER=1 WIDTH="85%" summary="root cert properties">
<tr><td>
MD Fingerprint:
</td><td>
2C:4C:5C:2F:31:DD:F1:1C:B2:A6:A1:9E:95:1D:86:54
</td></tr>
<tr><td>
SHA1 Fingerprint:
</td><td>
C3:A5:BB:AB:38:2F:A2:BB:0C:02:3D:D6:4E:A9:EE:54:57:B2:46:D0
</td></tr>
<tr><td>
Valid from:
</td><td>
(2004-04-08 15:39:09 GMT)
</td></tr>
<tr><td>
Valid to:
</td><td>
(2004-04-07 15:39:09 GMT)
</td></tr>
<tr><td>
Issuer
</td><td>
/C=DE/ST=Saxony/L=Dresden/O=Frank4DD/OU=Support/CN=www.frank4dd.com/
Email=public@frank4dd.com
</td></tr>
</table>
<br><br>
<i>
Last modified 2006-06-06, 16:20 CEST
. Please report errors to your friendly <a href="mailto:public@frank4dd.com"
>Webmaster</a>. Thanx.
</i>
<p>
<a href="/admin">[Administration]</a>
</p>
<p>
<a class="left" href="http://www.debian.org">
<img style="border":
0
---------------------------------------------------------------
1 16.1905 (16.0506) C>S TCP FIN
1 16.1906 (0.0001) S>C TCP FIN
Example using sslsniffer
fm@susie:~/sslsniffer> ./sslsniffer -p 8888 -np 443 webclf1
SSLV3/TLS Sniffer 1.1 written by Eu-Jin Goh
Stanford University Applied Crypto Group
SSL Sniffer listening on port number 8888
Will connect incoming connections to webclf1 on port 443
--------------------------------------------------------
Received connection from localhost, port 12527
Reading from CLIENT socket
Received SSLV2 Client Hello ...
From Client Hello -- Protocol Version: 3.0
Session ID Length -- 0 bytes
Session ID --
Cipher Suite Length 78 bytes ... number of cipher suites 26
Cipher Suite List is --
Hex Code: 0x00 0x04
Type: RSA with 128 bit RC4 and hash function MD5
Hex Code: 0x01 0x00 0x80
Type: RSA with 128 bit RC4 and hash function MD5
Hex Code: 0x00 0x05
Type: RSA with 128 bit RC4 and hash function SHA
Hex Code: 0x00 0x0a
Type: RSA with 3DES EDE in CBC mode and hash function SHA
Hex Code: 0x03 0x00 0x80
Type: RSA with 128 bit RC2 CBC and hash function MD5
Hex Code: 0x07 0x00 0xc0
Type: RSA with 192 bit 3DES EDE CBC and hash function MD5
Hex Code: 0x00 0x39
Type: Elliptic Curve DHE DSS Export with 40 bit DES CBC and hash function SHA
Hex Code: 0x00 0x38
Type: Elliptic Curve DHE DSS with 3DES EDE CBC and hash function SHA
Hex Code: 0x00 0x35
Type: Unknown Cipher Suite
Hex Code: 0x00 0x16
Type: DHE RSA with 3DES EDE in CBC mode and hash function SHA
Hex Code: 0x00 0x13
Type: DHE DSS with 3DES EDE in CBC mode and hash function SHA
Hex Code: 0x00 0x33
Type: Unknown Cipher Suite
Hex Code: 0x00 0x32
Type: Unknown Cipher Suite
Hex Code: 0x00 0x2f
Type: Unknown Cipher Suite
Hex Code: 0x00 0x66
Type: DHE DSS with 128 bit RC4 and hash function SHA
Hex Code: 0x08 0x00 0x80
Type: Unknown SSLV2 cipher used
Hex Code: 0x06 0x00 0x40
Type: RSA with 64 bit DES CBC and hash function MD5
Hex Code: 0x00 0x65
Type: DHE DSS Export with 56 bit RC4 and hash function SHA
Hex Code: 0x00 0x64
Type: RSA Export with 56 bit RC4 and hash function SHA
Hex Code: 0x00 0x63
Type: DHE DSS Export with DES CBC and hash function SHA
Hex Code: 0x00 0x62
Type: RSA Export with DES CBC and hash function SHA
Hex Code: 0x00 0x61
Type: RSA Export with 56 bit RC2 CBC and hash function MD5
Hex Code: 0x00 0x60
Type: RSA Export with 56 bit RC4 and hash function MD5
Hex Code: 0x00 0x15
Type: DHE RSA with DES in CBC mode and hash function SHA
Hex Code: 0x00 0x12
Type: DHE DSS with DES in CBC mode and hash function SHA
Hex Code: 0x00 0x09
Type: RSA with DES in CBC mode and hash function SHA
Challenge Length -- 16 bytes
Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
Record Length: 74
Received a HANDSHAKE packet ...
HandShake Packet Type :- Server Hello
From Server Hello -- Protocol Version 3.0
Length of session ID -- 32 bytes
Session ID --
0x8c680f45027fe69549c4f18e4af88e84a0d417d7a8eeaa417c882df699d488b5
Cipher Suite is --
Hex Code: 0x00 0x04
Type: RSA with 128 bit RC4 and hash function MD5
Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
Record Length: 1247
Received a HANDSHAKE packet ...
HandShake Packet Type :- Certificate
CERTIFICATE INFORMATION :-
Validity -- Not After Oct 8 07:11:18 2011 GMT
Not Before Sep 12 07:11:18 2006 GMT
Subject Distinguished Name --
/C=DE/ST=SN/L=Dresden/O=Frank4DD/OU=Support/CN=webclf1.frank4dd.com/
emailAddress=public@frank4dd.com
Issuer Distinguished Name --
/C=DE/ST=Saxony/L=Dresden/O=Frank4DD/OU=Support/CN=WebCA/emailAddress
=support@frank4dd.com
RSA Public key size 2048 bits
Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
Record Length: 4
Received a HANDSHAKE packet ...
HandShake Packet Type :- Server hello done
Reading from CLIENT socket
From Record Header -- Protocol Version: 3.0
Record Length: 260
Received a HANDSHAKE packet ...
HandShake Packet Type :- Client key exchange
Length of RSA Encrypted PreMaster Secret -- 256 bytes
RSA Encrypted PreMaster Secret --
0x6673c5fe758751dc2bc0852b4959c310d4165ab4c2a4e4a51d23585538a23f9aed24b42e1adc
5a917238739423094341467dffda6c4e9eea6893280c5a4fb52bed76b2dd36851fa88e613e9e1f29
1fae755278cb1066e5fa1e74675cc245d5d4437dcdebfd01669e1dd5c606da89ad1ed7534f08871f
02e57d424553bc2ed69eb098662914a13c12d61f91acf8fd08d27d14a651a54704b56058213cf142
8d439640eb7d15f03d81f32aa6926de3415000f054e7a2cdfa4c56bbf7bdeb725ec76afa678d9228
f9842d3422ab4210fd394f20a0ae7620bec9e4275b206a10834e907f1ee226e0529d4d1812c3423a
5ecc57d97da3b1704a53cb17e9197364656e
Reading from CLIENT socket
From Record Header -- Protocol Version: 3.0
Record Length: 1
Received a CHANGE_CIPHER_SPEC packet:
Further packets will be encrypted ...
Reading from CLIENT socket
From Record Header -- Protocol Version: 3.0
Record Length: 56
Received a HANDSHAKE packet ...
Packet is encrypted.
Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
Record Length: 1
Received a CHANGE_CIPHER_SPEC packet:
Further packets will be encrypted ...
Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
Record Length: 56
Received a HANDSHAKE packet ...
Packet is encrypted.
Reading from CLIENT socket
From Record Header -- Protocol Version: 3.0
Record Length: 354
Received APPLICATION DATA packet ...
Packet is encrypted.
Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
Record Length: 908
Received APPLICATION DATA packet ...
...
Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
Record Length: 56
Received a HANDSHAKE packet ...
Packet is encrypted.
Reading from CLIENT socket
Close connections