Ask Your Question

decrypt https sessions

asked 2019-05-31 08:23:23 +0000

freediver gravatar image

Hi it folks.

I try to find an answer to my question in the knowledgebase without success... so here I am. Is it possible to to decrypt https traffic with an private key (not via SSLKEYLOGFILE) ?

My Lab contains a apache webserver on linux (of course) and a self signed certificate, generated like this: openssl req -new -newkey rsa:2048 -nodes -days 365 -x509 -subj '/CN=test.local' -keyout test.key -out test.crt I capture the traffic on this webserver with : tcpdump -w https.pcap "port 443"

In the wireshark (v2.6.8) settings->protocols->ssl-> I enter : IP Adress, Port: 443, Protocol: http, Key File: path to test.key

Then I open the capture File and I expect the https / tls traffic to be decrypted... Unfortunately it doesn't work this way - I tried it several times.

Any Ideas / Help? Thank you

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2019-05-31 10:00:44 +0000

grahamb gravatar image

updated 2019-05-31 14:02:14 +0000

To decrypt TLS using the server's private key, you have to restrict the algorithms that can be used to those with an RSA Key exchange. This can be done at the server, by limiting the algorithms accepted, or at the client by limiting the algorithms that are offered. How do that is a matter for the software you are using at either end.

See the Wiki page on SSL (sic) for a complete walkthough on decryption. Note that the test openssl server has the cipher set to AES256-SHA to restrict the algorithm used.

edit flag offensive delete link more


Wow great it works - thank you!

In nginx I added these two lines:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'AES256-SHA256:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4';

Unfortunately Firefox & Chrome both denied these insecure ciphers :) luckly curl accepts it. (And Internet Explorer of course)

Just as a bonus question... In the wiki is mentioned that Diffie-Hellman ciphers are not supported, so the question arise which ones are weak and are supported from wireshark (beside AES256-SHA256)? Or does it have to be determined by an exclusion procedure?


freediver gravatar imagefreediver ( 2019-05-31 12:41:39 +0000 )edit

You're welcome, if an answer has solved your issue then please accept it for the benefit of others with the same issue by clicking the checkmark icon to the left of the answer.

Which ciphers are accepted by a client is a matter for client config, although it's understandable if they absolutely refuse to use older, less secure, ciphers.

The issue with Diffie-Hellman key exchange is that simply having the private key from the server is insufficient as DH enables perfect forward security, which is why DH is seen as more secure. To decrypt DH keyed TLS you'll need what's known as the "pre-master" secret, which some clients can be configured to emit into the SSLKEYLOGFILE. See the SharkFest EU presentation from @Lekensteynhere for more info.

I've edited my answer a little, servers accept a cipher from the list offered by clients.

grahamb gravatar imagegrahamb ( 2019-05-31 14:01:45 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2019-05-31 08:23:23 +0000

Seen: 1,541 times

Last updated: May 31 '19