| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
premaster secrets is available in capture file comments.
Server is Ubuntu 14.04 running Exim 4.82-3ubuntu2 (using GnuTLS) and
configured with:
/usr/share/doc/exim4-base/examples/exim-gencert
echo MAIN_TLS_ENABLE=1 >/etc/exim4/exim4.conf.localmacros
Client:
sudo socat TCP-LISTEN:25 TCP-CONNECT:... # (port forward)
openssl s_client -starttls smtp -connect localhost:25
After handshake, I typed "EHLO lekensteyn" and triggered a renegiotation
with "R" (which somehow resulted in an error).
|
|
pre-master secrets is in capture file comments, certificate is snakeoil.
Server is Ubuntu 14.04 VM with MariaDB 5.5.40-0ubuntu0.14.04.1, snakeoil
certificate and these my.cnf configs:
bind-address=0.0.0.0
ssl-ca=/etc/ssl/certs/ssl-cert-snakeoil.pem
ssl-cert=/etc/ssl/certs/ssl-cert-snakeoil.pem
ssl-key=/etc/mysql/ssl-cert-snakeoil.key
Pre-processing:
CREATE USER testuser@'%' IDENTIFIED BY 'pass';
CREATE DATABASE testdb;
GRANT ALL ON testdb.* TO test@'%';
Client started with:
mysql -utest -ppass -h127.0.0.1 --ssl-ca=ssl-cert-snakeoil.pem
The capture contains queries (INSERT, SELECT, deliberate disallowed `USE
mysql` and more).
|
|
|
|
These functions can trigger a renegotiation which changes the key
material (detected by using `curl` and `openssl s_server` and pressing
`R` in `openssl s_server`).
|
|
SSL_connect is somehow called multiple times on the same connection
by curl, this may result in duplicate keylog file entries. Detect when
the state changes, and only print the keys if it has changed.
|
|
Also intercept SSL_do_handshake (nginx) and SSL_accept (s_server).
|
|
Try to dump as many keys as possible, even if a fatal alert occurred.
Wireshark does not support SSLv2, so check that a successful connection
does not use SSLv2 before dumping keys (this fixes a crash).
|
|
This follows the preference name ssl.keylog_file.
|
|
Master-Key, Key-Arg (from curl output) and 512-bit RSA keys are
available in the capture file comments.
Key and certificates are generated with:
openssl req -newkey rsa:384 -x509 -nodes -keyout server.pem -new \
-out server.pem -subj /CN='Very Secure' -md5
Server (openssl 1.0.2) was started with:
openssl s_server -ssl2 -www
Client (curl 7.40.0-DEV with `!defined(HAVE_SSLV2_CLIENT_METHOD)`
removed):
curl -vk --sslv2 https://127.0.0.1:4433
|
|
For a gdb function, see http://security.stackexchange.com/a/80174/2630
To generate the line assuming you have a context with a SSL structure
(named "s") run this:
python
def read_as_hex(name, size):
addr = gdb.parse_and_eval(name).address
data = gdb.selected_inferior().read_memory(addr, size)
return ''.join('%02X' % ord(x) for x in data)
def pm(ssl='s'):
mk = read_as_hex('%s->session->master_key' % ssl, 48)
cr = read_as_hex('%s->s3->client_random' % ssl, 32)
print('CLIENT_RANDOM %s %s' % (cr, mk))
end
python pm()
|
|
Last modified on 29 July 2014, but it should still apply.
|
|
|
|
|
|
Prints Last-Modified, Content-Length and URL for tshark -O http output.
Used for analyzing a vc_web install capture.
|
|
Also allows you to override CC/CXX (for Clang support), fix
/tmp/wireshark/ symlink and /tmp/wsbuild/run/ sync, enable some
additional modules (but disable SBC which would be used for Bluetooth
audio support), pass -DCMAKE_EXPORT_COMPILE_COMMANDS (for clang-check
iirc).
|
|
|
|
This script helps me in syncing sources with a remote build machine and
building changes once I have made a local change. It also syncs back
generated binaries.
|
|
|
|
Not all bytes were captured, it turns out that data was never read (and
thus the send buffer becames full) which leads to data loss when the
connection is closed.
|
|
The common case is replaying a capture, so avoid all tshark boilerplate
and run the command in the script. Fix the mixup of server and client
sockets ("if reply, then write from the server socket"). Allow
chunk size to be customized.
|
|
|
|
|
|
Since wireshark rev54039
|
|
|
|
* generate-wireshark-cs: fix key sizes for export ciphers
* notes, openssl-{connect,listen}: support more cipher suites,
including NULL.
|
|
Fixes:
Unknown kex in 0x0060 TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 (tmp=RSA_EXPORT1024)
Unknown kex in 0x0061 TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 (tmp=RSA_EXPORT1024)
Unknown kex in 0x0062 TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA (tmp=RSA_EXPORT1024)
Unknown kex in 0x0064 TLS_RSA_EXPORT1024_WITH_RC4_56_SHA (tmp=RSA_EXPORT1024)
But to be honest, is there any implementation that actually use these
cipher suites...?
|
|
This is used in some export ciphers
|
|
These are no official cipher suites, but they are used somewhere.
Sources:
- (96-102) "0x00,0x60-0x66 Reserved to avoid conflicts with widely
deployed implementations" [1]
- (96-97) Disabled in OpenSSL 0.9.8c, from a commit message on 14 June
2006: "the latter two [0x00,0x61 and 0x00,0x60 cipher suites] were
purpotedly from draft-ietf-tls-56-bit-ciphersuites-0[01].txt, but do
not really appear there" [3]
- (98-102) An (expired) IETF draft on 56-bit cipher suites defines
cipher suites 0x00,0x62-66 [2]
[1]: http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
[2]: http://tools.ietf.org/html/draft-ietf-tls-56-bit-ciphersuites-01
[3]: http://marc.info/?l=openssl-cvs&m=115030750911430
[ Peter: added sources ]
|
|
|
|
This applies some fixes for CCM to the cipher suite generation script.
There are some special cases for CCM ciphers: the iv blocksize is
always 4, it does not have a digest and the mode should be CCM or CCM_8.
[ Peter: basically restructure (indent+case) and fix CCM block size.
I removed the digest as that was already covered and diglen=0; is not
meaningful ]
|
|
Stream cipher RC4 (and block cipher NULL) do not have a IV. The
packet-ssl-utils code needs to be fixed up for this, but this
generator can already be created. Revert this patch until the
block to iv_size rename is complete.
|
|
Previously, everything was concatenated,
making it more difficult to spot errors.
|
|
|
|
|
|
Example usage, assuming 'premaster.txt' in corrent directory:
./run-ws /tmp/wsbuild/tshark dump.pcapng
Example, with filtering for SSL record type Application Data (23):
./run-ws /usr/bin/wireshark dump.pcapng.gz \
-Y ssl.record.content_type==23
|
|
The CLIENT_RANDOM is applicable to clients only, so remove it from
ServerHello. Also update notes with cmake+gcrypt instructions.
|
|
See https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9499
|
|
|
|
|
|
|
|
Requested by [aspirin] on #wireshark, this script adds a percentage
number to the tshark statistics output. Adding a percentage bar can also
be done, but is an exercise for later at the moment.
|
|
|
|
I previously mentioned that nobody seems to support AES CCM for PSK, but
then I noticed that bug 8567 uses this for a DTLS capture. I might need
to add some of these missing cases to the ssl_get_keyex_alg function.
[1]: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8567
|
|
The new ssl_get_keyex_alg.txt.diff has been generated with the
following patches applied:
- (unrelated) ssl: Support PSK larger than 16 octets
- Use correct key exchange type for ECDHE ciphers
- (unrelated) ssl: drop unused SIG_ field and constants
- Add more PSK and Camellia ciphers
- Simplify determining key exchange algorithm, more PSK support
|
|
ssl_get_keyex_alg.txt contains the current supported list of cipher
suites for key exchange by the ssl_get_keyex_alg() function.
It was generated with:
awk -F '[ :;\t]+' '/^gint ssl_get_keyex_alg/{p=1}
/case/{if(p)a[$3]=0} /return/{for(i in a)print i, $3;delete a} /^}
/{if(p)exit}' packet-ssl-utils.c
This file can then be converted and sorted with:
while read num name; do echo $((num)) $name;
done < ssl_get_keyex_alg.txt | sort -n > /tmp/1
To get the current cipher suites list:
awk -F '[ {,]+' '/,KEX_/{print $2, $3}' packet-ssl-utils.c > /tmp/2
Check which cipher suites are missing or have an incorrect key exchange:
diff -y /tmp/[12]
It turned out that the ECDH cipher suites were incorrectly marked as
DH (tested on top of SVN rev 52320). Therefore adjust the
generate-wireshark-cs file.
|
|
|
|
|
|
Wireshark already supports these suites, yay :)
|
|
Sent to gcrypt-devel@gnupg.org.
|
|
I stopped when I had the thousandth dependency issue after
crypt/libairpdcap.la, this time (again) some broken headers (wsutil
something if I remember correctly? Or was it something related to LUA?)
|
