1

I'm working on an issue with HTTPS. I suspect its related to client certificates. I want to read some of the encrypted handshake messages that follows the ServerHelloDone message. (Once the ServerHelloDone is sent, the stream usually switches to encrypted):

enter image description here

The Wireshark trace was generated with s_client:

$ echo -e "GET / HTTP/1.1\nHost:example.net\n" | openssl s_client -connect example.net:443 -ssl3 -ign_eof -CAfile Equifax_Secure_Certificate_Authority.pem 
CONNECTED(00000003)
...
---
Certificate chain
 0 s:/C=ES/ST=Malaga/L=Malaga/O=Example, LLC/CN=www.example.net/OU=Example IT
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G2
 1 s:/C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G2
   i:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
 2 s:/C=US/O=GeoTrust Inc./CN=GeoTrust Global CA
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIQeee0uwSySeNXOkI+BUoMMzANBgkqhkiG9w0BAQUFADBE
MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMU
...
doLsKI2R6RQA/7IcuTpKkvLF5wYKvmocPxYVg9FOoFvKV0wjWo6qlwsANPAVov+7
zFzZreROa7lBj8UH0IyYjLmBrbe1yMr/Cmg=
-----END CERTIFICATE-----
...
New, TLSv1/SSLv3, Cipher is RC4-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : RC4-SHA
    Session-ID: 663C000068D5E2DFCC69EE1FA40489927A80EFE118703BBAD28E1E81EDD02B15
    Session-ID-ctx: 
    Master-Key: ACB5F8C6302DE96555A680FBD37A83CBF81087368685A36B2B04E23A822E403CDF35FAACF959F55107AC4641AE1531DB
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1407443412
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
...
read R BLOCK
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Login/Login
Server: Microsoft-IIS/7.5
X-AspNetMvc-Version: 3.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Thu, 07 Aug 2014 20:29:46 GMT
Content-Length: 129

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/Login/Login">here</a>.</h2>
</body></html>
^C

Because the Wireshark trace was generated with s_client, I have the master key for the session. I have the master key because s_client printed it to the terminal. NOTE: I don't claim anything about the server's public or private key. I only claim to have a key for this session.

I visited Secure Socket Layer (SSL) on the Wireshark wiki, but it does not say how to plug the master key into the GUI. (They do discuss how to use it, but its not related to the GUI).

Is there a way to plug the master key into the Wireshark GUI so I can read the encrypted traffic?

Improve this question
3
  • 1
    From above, I have the master key., no, you don't. You have the public key. That means you can encrypt content. The private key is on the remote server, and you can't get it, unless you happen to own that server.
    – Zoredache
    Commented Aug 7, 2014 at 20:50
  • @Zoredache - I didn't claim anything about the server's key pair. s_client dumps the master key for the session. I have it because s_client prints it to the terminal. (Related: I'm not sure if that's the pre-master secret or the master secret, but I'll work that out if needed).
    – jww
    Commented Aug 7, 2014 at 22:01
  • 1
    isc.sans.edu/forums/diary/…
    – cychoi
    Commented Jan 7, 2015 at 8:47

1 Answer 1

Reset to default
1

Asuming you have a file containing the private key, containing something like 

-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCsiEqJU4M76dlpmhb69DciXhLGkHX8mIoaQsCyy+Qx1rzSFp1L
WFrDBR4v9zyyO11F8eRdc+AZqbhlzEq+HV5qH9MYnKeKJZMUlMSvE675aZzx2DWY
rHdR1RyDpyxQvL8yKsAmoxY9WoesYU37gwk3al2C2lGL1MyxXT863ku0swIDAQAB
[...]
2xZo60YQkK6sKoxxDZFfnE6pYGiluSaYHmem42Sn7ZWarfMFgJGS92EZXGCBQIun
6Q5pB4pxj6iUMkT7joECQAzRrRCHpKtJmFoxEZ/xhGVUpUUulCor4Xe5Mo6mJdJw
ZjAAI3aJW4RWouEUPR1voTKHewFNUqXYE48zpElzpYM=
-----END RSA PRIVATE KEY-----

you need to open wireshark -> edit -> preferences....

On the left column, locate under "protocols" the item "SSL". Depending on the version, the syntax could vary. Assuming most up to date version, under "RSA keys list" click on Edit... Then "New", and fill the fields, using "http" as protocol (not https), and leaving the password blank.

NOTE: in some circunstances, you won't be able to decrypt:

  • if you did not capture ALL the traffic, since the very first packet
  • if the client re-used a SSL session (check on the client_hello packet for "Session ID")
  • if the SSL was negotiated with forward secrecy

I have found that there is also other possibility: if you have both Session-ID and Master-Key, you could set up a file like this (I have copied the data from your openssl output):

RSA Session-ID:663C000068D5E2DFCC69EE1FA40489927A80EFE118703BBAD28E1E81EDD02B15 Master-Key:ACB5F8C6302DE96555A680FBD37A83CBF81087368685A36B2B04E23A822E403CDF35FAACF959F55107AC4641AE1531DB

and under SSL preferences on wireshark, point the (Pre)-Master-Secret log filename to it.

Remember to include a blank line in the file

Improve this answer
1
  • Thanks NuTTyX. I don't have the [server] key or key file. From using OpenSL's s_client, I have the master secret for the session that was observed by Wireshark.
    – jww
    Commented Aug 7, 2014 at 22:22

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .