@2006 Frank4DD
ssldump and sslsniffer download
ssldump 0.9b3
It is available at http://www.rtfm.com/ssldump/
Written by Eric Rescorla.
Limitation: works only on the webserver
sslsniffer 1.21
It is available at http://crypto.stanford.edu/~eujin/sslsniffer/
Written by by Eu-Jin Goh andi Dan Boneh from Stanford University
Limitation: doesn't show encrypted html data
Analyzing example with ssldump
susie:~ # ssldump -i eth0 host 172.20.203.72 or host 172.20.203.73 or host 172.20.203.74 and port 74 -d New TCP connection #1: susie.frank4dd.com(2318) <-> n30prxy2.frank4dd.com(74) 0.0006 (0.0006) C>S --------------------------------------------------------------- CONNECT n30clf1:443 HTTP/1.0 User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.2 (like Gecko) Host: n30clf1 --------------------------------------------------------------- 0.0026 (0.0020) S>C --------------------------------------------------------------- HTTP/1.0 200 Connection established --------------------------------------------------------------- 1 1 0.0064 (0.0037) C>S SSLv2 compatible client hello Version 3.0 cipher suites SSL_RSA_WITH_RC4_128_MD5 SSL2_CK_RC4 SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL2_CK_RC2 SSL2_CK_3DES SSL_DHE_RSA_WITH_AES_256_CBC_SHA SSL_DHE_DSS_WITH_AES_256_CBC_SHA SSL_RSA_WITH_AES_256_CBC_SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA SSL_DHE_RSA_WITH_AES_128_CBC_SHA SSL_DHE_DSS_WITH_AES_128_CBC_SHA SSL_RSA_WITH_AES_128_CBC_SHA SSL_DHE_DSS_WITH_RC4_128_SHA SSL2_CK_RC464 SSL2_CK_DES SSL_DHE_DSS_WITH_RC2_56_CBC_SHA SSL_RSA_EXPORT1024_WITH_RC4_56_SHA SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 SSL_RSA_EXPORT1024_WITH_RC4_56_MD5 SSL_DHE_RSA_WITH_DES_CBC_SHA SSL_DHE_DSS_WITH_DES_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA 1 2 0.0092 (0.0028) S>C Handshake ServerHello Version 3.0 session_id[32]= 1e 91 7c 13 27 49 07 b0 73 d6 8f fe 5a bf a6 8e b3 b1 11 f7 37 31 8b 25 25 96 2d 2e ed 83 05 75 cipherSuite SSL_RSA_WITH_RC4_128_MD5 compressionMethod NULL 1 3 0.0092 (0.0000) S>C Handshake Certificate 1 4 0.0092 (0.0000) S>C Handshake ServerHelloDone 1 5 0.0097 (0.0005) C>S Handshake ClientKeyExchange 1 6 0.0097 (0.0000) C>S ChangeCipherSpec 1 7 0.0097 (0.0000) C>S Handshake 1 8 0.0238 (0.0140) S>C ChangeCipherSpec 1 9 0.0238 (0.0000) S>C Handshake 1 10 0.0503 (0.0265) C>S application_data 1 11 0.1212 (0.0708) S>C application_data 1 16.1616 (16.0403) C>S TCP FIN 1 17.6403 (1.4787) S>C TCP FIN
Use keys to follow the encrypted traffic
susie:~ # openssl x509 -in test.pem -pubkey -noout > testpubkey.pem susie:~ # cat testpubkey.pem -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7bH5JmLVmnsU3Y22sOq TxuhLbjVv7km33l06QLxWglT0HPwJt69dME9A2cAAo1tIjIJAZI6ViDKUI9SyI8p uybCcrb123lxVyTgaA+uNZmyLKW91TNFM84esTc+9/gB36/FEmK8LvYAmRHSpsF4 NzwCdLzFRL6K0FoqGxkGNNmvh5FNd9CMWVRUzdZ3Sczs9XTfDROJ9Sq1f0BFTuVL LGpbzM88p00451AOhZiHzlDD9CRGFtas3BgoBEYM81UM6uvQhc+kw12iuEjRG2E8 lFvvZogkhaeZeZ+kkS8JgeQ2FW6onwlWZojllOfy8YPtYurc1eenbLj04oexmjT0 gQIDAQAB -----END PUBLIC KEY-----
On the web server, execute the following example command to see decrypted SSL communication
webclf1:/etc/apache-ssl# ssldump -d -k /etc/apache-ssl/apache.pem -i eth0 port 443 New TCP connection #1: n30prxy2.frank4dd.com(36041) <-> webclf1(443) 1 1 0.0059 (0.0059) C>S SSLv2 compatible client hello Version 3.0 cipher suites SSL_RSA_WITH_RC4_128_MD5 SSL2_CK_RC4 SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL2_CK_RC2 SSL2_CK_3DES Unknown value 0x39 Unknown value 0x38 Unknown value 0x35 SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA Unknown value 0x33 Unknown value 0x32 Unknown value 0x2f SSL_DHE_DSS_WITH_RC4_128_SHA SSL2_CK_RC464 SSL2_CK_DES SSL_DHE_DSS_WITH_RC2_56_CBC_SHA SSL_RSA_EXPORT1024_WITH_RC4_56_SHA SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 SSL_RSA_EXPORT1024_WITH_RC4_56_MD5 SSL_DHE_RSA_WITH_DES_CBC_SHA SSL_DHE_DSS_WITH_DES_CBC_SHA SSL_RSA_WITH_DES_CBC_SHA 1 2 0.0061 (0.0001) S>C Handshake ServerHello Version 3.0 session_id[32]= 1f c8 11 c9 46 92 8b ae 3b 9f 4f 0d f4 ab f6 bf aa fc dd 64 bc d4 90 98 c7 35 45 4e 28 16 34 a1 cipherSuite SSL_RSA_WITH_RC4_128_MD5 compressionMethod NULL 1 3 0.0061 (0.0000) S>C Handshake Certificate 1 4 0.0061 (0.0000) S>C Handshake ServerHelloDone 1 5 0.0092 (0.0031) C>S Handshake ClientKeyExchange 1 6 0.0092 (0.0000) C>S ChangeCipherSpec 1 7 0.0092 (0.0000) C>S Handshake Finished 1 8 0.0216 (0.0124) S>C ChangeCipherSpec 1 9 0.0216 (0.0000) S>C Handshake Finished 1 10 0.0518 (0.0301) C>S application_data --------------------------------------------------------------- GET /cert.shtml HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.2 (like Gecko) Referer: https://webclf1/ Accept: text/html, image/jpeg, image/png, text/*, image/*, */* Accept-Encoding: x-gzip, x-deflate, gzip, deflate Accept-Charset: utf-8, utf-8;q=0.5, *;q=0.5 Accept-Language: en, de, ja Host: webclf1 Authorization: Basic Zm1pZ2dlOnRlc3QxMjMh --------------------------------------------------------------- 1 11 0.1399 (0.0881) S>C application_data --------------------------------------------------------------- HTTP/1.1 200 OK Date: Tue, 07 Nov 2006 09:43:54 GMT Server: Apache/1.3.33 Ben-SSL/1.55 (Debian GNU/Linux) mod_python/2.7.10 Python/2.3.4 PHP/4.3.10-16 mod_auth_pam/1.1.1 mod_perl/1.29 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=iso-8859-1 9ed <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta name="generator" content="Bluefish,vim"> <meta name="copyright" content=""> <meta http-equiv="expires" content="5"> <meta name="description" content=""> <link rel="stylesheet" type="text/css" href="/css/style.css"> <meta http-equiv="Content-Style-Type" content="text/css"> <title>HTML Index Page</title> </head> <body> <hr noshade> <h2><span class="kopf"> <a href="http://myweb"> My WebSite</a> <a href="http://www.frank4dd.com/howto"> Remote Howtos</a></span></h2> <h1><span class="kopf"> <i>Central Logging Facility Root Certificate</i></span></h1> <hr class="c1"> <h2>The Local Root Certificate</h2> <br> <p> Here is how to install the root certificate on your machine. Please click <a href="ca/root_cert.crt">here</a> to install the root certificate. Depending on your browser will be presented an import dialouge. Follow it to install. Here are some details you might want to check: </p> <table BORDER=1 WIDTH="85%" summary="root cert properties"> <tr><td> MD Fingerprint: </td><td> 2C:4C:5C:2F:31:DD:F1:1C:B2:A6:A1:9E:95:1D:86:54 </td></tr> <tr><td> SHA1 Fingerprint: </td><td> C3:A5:BB:AB:38:2F:A2:BB:0C:02:3D:D6:4E:A9:EE:54:57:B2:46:D0 </td></tr> <tr><td> Valid from: </td><td> (2004-04-08 15:39:09 GMT) </td></tr> <tr><td> Valid to: </td><td> (2004-04-07 15:39:09 GMT) </td></tr> <tr><td> Issuer </td><td> /C=DE/ST=Saxony/L=Dresden/O=Frank4DD/OU=Support/CN=www.frank4dd.com/ Email=public@frank4dd.com </td></tr> </table> <br><br> <i> Last modified 2006-06-06, 16:20 CEST . Please report errors to your friendly <a href="mailto:public@frank4dd.com" >Webmaster</a>. Thanx. </i> <p> <a href="/admin">[Administration]</a> </p> <p> <a class="left" href="http://www.debian.org"> <img style="border": 0 --------------------------------------------------------------- 1 16.1905 (16.0506) C>S TCP FIN 1 16.1906 (0.0001) S>C TCP FIN
Example using sslsniffer
fm@susie:~/sslsniffer> ./sslsniffer -p 8888 -np 443 webclf1 SSLV3/TLS Sniffer 1.1 written by Eu-Jin Goh Stanford University Applied Crypto Group SSL Sniffer listening on port number 8888 Will connect incoming connections to webclf1 on port 443 -------------------------------------------------------- Received connection from localhost, port 12527 Reading from CLIENT socket Received SSLV2 Client Hello ... From Client Hello -- Protocol Version: 3.0 Session ID Length -- 0 bytes Session ID -- Cipher Suite Length 78 bytes ... number of cipher suites 26 Cipher Suite List is -- Hex Code: 0x00 0x04 Type: RSA with 128 bit RC4 and hash function MD5 Hex Code: 0x01 0x00 0x80 Type: RSA with 128 bit RC4 and hash function MD5 Hex Code: 0x00 0x05 Type: RSA with 128 bit RC4 and hash function SHA Hex Code: 0x00 0x0a Type: RSA with 3DES EDE in CBC mode and hash function SHA Hex Code: 0x03 0x00 0x80 Type: RSA with 128 bit RC2 CBC and hash function MD5 Hex Code: 0x07 0x00 0xc0 Type: RSA with 192 bit 3DES EDE CBC and hash function MD5 Hex Code: 0x00 0x39 Type: Elliptic Curve DHE DSS Export with 40 bit DES CBC and hash function SHA Hex Code: 0x00 0x38 Type: Elliptic Curve DHE DSS with 3DES EDE CBC and hash function SHA Hex Code: 0x00 0x35 Type: Unknown Cipher Suite Hex Code: 0x00 0x16 Type: DHE RSA with 3DES EDE in CBC mode and hash function SHA Hex Code: 0x00 0x13 Type: DHE DSS with 3DES EDE in CBC mode and hash function SHA Hex Code: 0x00 0x33 Type: Unknown Cipher Suite Hex Code: 0x00 0x32 Type: Unknown Cipher Suite Hex Code: 0x00 0x2f Type: Unknown Cipher Suite Hex Code: 0x00 0x66 Type: DHE DSS with 128 bit RC4 and hash function SHA Hex Code: 0x08 0x00 0x80 Type: Unknown SSLV2 cipher used Hex Code: 0x06 0x00 0x40 Type: RSA with 64 bit DES CBC and hash function MD5 Hex Code: 0x00 0x65 Type: DHE DSS Export with 56 bit RC4 and hash function SHA Hex Code: 0x00 0x64 Type: RSA Export with 56 bit RC4 and hash function SHA Hex Code: 0x00 0x63 Type: DHE DSS Export with DES CBC and hash function SHA Hex Code: 0x00 0x62 Type: RSA Export with DES CBC and hash function SHA Hex Code: 0x00 0x61 Type: RSA Export with 56 bit RC2 CBC and hash function MD5 Hex Code: 0x00 0x60 Type: RSA Export with 56 bit RC4 and hash function MD5 Hex Code: 0x00 0x15 Type: DHE RSA with DES in CBC mode and hash function SHA Hex Code: 0x00 0x12 Type: DHE DSS with DES in CBC mode and hash function SHA Hex Code: 0x00 0x09 Type: RSA with DES in CBC mode and hash function SHA Challenge Length -- 16 bytes Reading from SERVER socket From Record Header -- Protocol Version: 3.0 Record Length: 74 Received a HANDSHAKE packet ... HandShake Packet Type :- Server Hello From Server Hello -- Protocol Version 3.0 Length of session ID -- 32 bytes Session ID -- 0x8c680f45027fe69549c4f18e4af88e84a0d417d7a8eeaa417c882df699d488b5 Cipher Suite is -- Hex Code: 0x00 0x04 Type: RSA with 128 bit RC4 and hash function MD5 Reading from SERVER socket From Record Header -- Protocol Version: 3.0 Record Length: 1247 Received a HANDSHAKE packet ... HandShake Packet Type :- Certificate CERTIFICATE INFORMATION :- Validity -- Not After Oct 8 07:11:18 2011 GMT Not Before Sep 12 07:11:18 2006 GMT Subject Distinguished Name -- /C=DE/ST=SN/L=Dresden/O=Frank4DD/OU=Support/CN=webclf1.frank4dd.com/ emailAddress=public@frank4dd.com Issuer Distinguished Name -- /C=DE/ST=Saxony/L=Dresden/O=Frank4DD/OU=Support/CN=WebCA/emailAddress =support@frank4dd.com RSA Public key size 2048 bits Reading from SERVER socket From Record Header -- Protocol Version: 3.0 Record Length: 4 Received a HANDSHAKE packet ... HandShake Packet Type :- Server hello done Reading from CLIENT socket From Record Header -- Protocol Version: 3.0 Record Length: 260 Received a HANDSHAKE packet ... HandShake Packet Type :- Client key exchange Length of RSA Encrypted PreMaster Secret -- 256 bytes RSA Encrypted PreMaster Secret -- 0x6673c5fe758751dc2bc0852b4959c310d4165ab4c2a4e4a51d23585538a23f9aed24b42e1adc 5a917238739423094341467dffda6c4e9eea6893280c5a4fb52bed76b2dd36851fa88e613e9e1f29 1fae755278cb1066e5fa1e74675cc245d5d4437dcdebfd01669e1dd5c606da89ad1ed7534f08871f 02e57d424553bc2ed69eb098662914a13c12d61f91acf8fd08d27d14a651a54704b56058213cf142 8d439640eb7d15f03d81f32aa6926de3415000f054e7a2cdfa4c56bbf7bdeb725ec76afa678d9228 f9842d3422ab4210fd394f20a0ae7620bec9e4275b206a10834e907f1ee226e0529d4d1812c3423a 5ecc57d97da3b1704a53cb17e9197364656e Reading from CLIENT socket From Record Header -- Protocol Version: 3.0 Record Length: 1 Received a CHANGE_CIPHER_SPEC packet: Further packets will be encrypted ... Reading from CLIENT socket From Record Header -- Protocol Version: 3.0 Record Length: 56 Received a HANDSHAKE packet ... Packet is encrypted. Reading from SERVER socket From Record Header -- Protocol Version: 3.0 Record Length: 1 Received a CHANGE_CIPHER_SPEC packet: Further packets will be encrypted ... Reading from SERVER socket From Record Header -- Protocol Version: 3.0 Record Length: 56 Received a HANDSHAKE packet ... Packet is encrypted. Reading from CLIENT socket From Record Header -- Protocol Version: 3.0 Record Length: 354 Received APPLICATION DATA packet ... Packet is encrypted. Reading from SERVER socket From Record Header -- Protocol Version: 3.0 Record Length: 908 Received APPLICATION DATA packet ... ... Reading from SERVER socket From Record Header -- Protocol Version: 3.0 Record Length: 56 Received a HANDSHAKE packet ... Packet is encrypted. Reading from CLIENT socket Close connections