| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Pre-master keys are available in the capture file comments.
This selects something from a table and queries 'SHOW VARIABLES' over
ethernet (mtu 1500). It demonstrates a TLS record spanning multiple TCP
segments.
|
|
Pre-master keys are available in the capture file comments.
Install slapd 2.4.31-1+nmu2ubuntu8 ldap-utils 2.4.31-1+nmu2ubuntu8
cd /etc/ldap/ssl
openssl req -newkey rsa:1024 -x509 -nodes -out slapd.pem -keyout \
slapd.pem -days 3650 -subj /CN='LDAP SSL test/'
chown openldap: slapd.pem && chmod 600 slapd.pem
cat <<EOF | ldapmodify -Y EXTERNAL -H ldapi:///
dn: cn=config
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/ssl/slapd.pem
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/ssl/slapd.pem
EOF
/etc/init.d/slapd restart
Client:
gdb -q -ex break\ gnutls_handshake -ex r --args \
ldapsearch -ZZ ldap://127.0.0.1:389
p session
p/x ((gnutls_session_t)$1)->security_parameters->client_random
p/x ((gnutls_session_t)$1)->security_parameters->master_secret
c
|
|
Pre-master keys are available in the capture file comments.
Ubuntu 14.04 server with postgresql-9.3 (assume snakeoil certificates,
change listen_addresses='0.0.0.0' and restart). Then create user and db:
createuser -P test
createdb -O test testdb
Client:
psql postgresql://test:pass@127.0.0.1/testdb?sslmode=require
Capture file contains queries (create table, insert, select).
|
|
premaster secrets is available in capture file comments.
Similar to smtp-ssl.pcapng, but running over non-standard port 2525 to
exercise "Decode As" functionality.
|
|
Pre-master keys are available in the capture file comments.
Server is Ubuntu 14.04 with dovecot-imapd and port 143 enabled in
/etc/dovecot/conf.d/10-master.conf.
Client:
openssl s_client -starttls imap -connect localhost:143
Contains "a001 CAPABILITY" followed by renegotiation, "a002 CAPABILITY"
and "QUIT".
|
|
Pre-master keys are available in the capture file comments.
Server is Ubuntu 14.04 with dovecot-pop3d and port 110 enabled in
/etc/dovecot/conf.d/10-master.conf.
Client:
openssl s_client -starttls pop3 -connect localhost:110
Contains "POPA" followed by renegotiation, "POPA" and "QUIT".
|
|
Premaster secret is available in capture file comments.
Capture file generated with an invalid authentication attempt using
TLSv1.2:
git clone https://github.com/fritzy/SleekXMPP.git
cd SleekXMPP
PYTHONPATH=. \
python examples/ping.py -d -j wireshark-test@jabber.org -p none
|
|
premaster secrets is available in capture file comments.
Server is Ubuntu 14.04 running Exim 4.82-3ubuntu2 (using GnuTLS) and
configured with:
/usr/share/doc/exim4-base/examples/exim-gencert
echo MAIN_TLS_ENABLE=1 >/etc/exim4/exim4.conf.localmacros
Client:
sudo socat TCP-LISTEN:25 TCP-CONNECT:... # (port forward)
openssl s_client -starttls smtp -connect localhost:25
After handshake, I typed "EHLO lekensteyn" and triggered a renegiotation
with "R" (which somehow resulted in an error).
|
|
pre-master secrets is in capture file comments, certificate is snakeoil.
Server is Ubuntu 14.04 VM with MariaDB 5.5.40-0ubuntu0.14.04.1, snakeoil
certificate and these my.cnf configs:
bind-address=0.0.0.0
ssl-ca=/etc/ssl/certs/ssl-cert-snakeoil.pem
ssl-cert=/etc/ssl/certs/ssl-cert-snakeoil.pem
ssl-key=/etc/mysql/ssl-cert-snakeoil.key
Pre-processing:
CREATE USER testuser@'%' IDENTIFIED BY 'pass';
CREATE DATABASE testdb;
GRANT ALL ON testdb.* TO test@'%';
Client started with:
mysql -utest -ppass -h127.0.0.1 --ssl-ca=ssl-cert-snakeoil.pem
The capture contains queries (INSERT, SELECT, deliberate disallowed `USE
mysql` and more).
|
|
|
