This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How do you decrypt The Encrypted Handshakes and Application Data.


Hi folks,

I am trying to use Wireshark to evaluate the security of my server, specifically the SSL section. I have seen some documentation which shows Wireshark decrypting the Encrypted Handshakes and Application Data from 2 conversations between client and server. I need to learn how to configure Wireshark to be able to do this. All the documentation I found on this subject has either indicated that I should already have this ability, or it is too confusing to figure out. I need something a little more step by step. I am hoping that this is reliant on some form of data that only the client or the administrator would have access to and not something that poses a real security risk, but I won't know until I learn more about it.

From what I have learned, I believe this is probably the most useful info for me to share about the problem.

In the example from my test between the web browser (which is currently Chrome) and my server:

At the point of Client Key Exchange, I am getting "Handshake Protocol: Encrypted Handshake Message", and not what the message is. http://wiki.wireshark.org/SSL/ shows Wireshark decrypting this. Same kind of thing for Application Data. I also have not found a pre-master secret variable yet.

I do have GnuTLS 2.8.5 and Gcrypt 1.4.5 already installed in Wireshark (1.2.10).

At the Client Hello stage, my browser is using TLSv1, so I do not have a challenge variable and no Public-key algorithm as http://www.cs.ucy.ac.cy/courses/EPL375/tutorials/Tut10/Wireshark_SSL_Solution_July_22_2007.pdf states that I should be looking for. I have gathered that the Random variable is probably a replacement for the challenge.

At the Server Hello stage, my server had selected to use Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA. I don't know if this makes a difference.

Could someone please point me in the right direction?

Sincerely,

Nonlin

asked 28 Jul '12, 04:56


nonlin

edited 28 Jul '12, 04:57


One Answer:


Take a look at the answer of @SYN-bit in his answer to a similar question. Especially take a look at his Sharkfest presentation.

HINT: Your server is suggesting/using TLS_DHE_RSA_WITH_AES_256_CBC_SHA. DHE means it is using a Diffie Hellman Key Exchange during the Handshake. That's one reason why you cannot decrypt the TLS connection simply by providing the server's private key.

Regards
Kurt

answered 30 Jul '12, 13:41


Kurt Knochner ♦

edited 03 Aug '12, 02:38

Thank you Kurt for leading me to SYN-bit's site. I have spent several days going over the text and doing some experiments, and haven't gotten very far. I still find a lot of it quite confusing, or/and I am missing simple bits of information.

At this point, I have set up an experiment where I have exported a private key file from my server and put it in the RSA keys list. (I made sure I was in binary mode during the ssh transfer.) I then repeated the same experiment as above, but I used Internet Explorer instead of Chrome because IE did seem to support the specific Diffie Hellman Key Exchange that Chrome did. So I figured it would be best to figure out how to make the system work for now and then figure out how to make DHE work later. IE used TLS_RSA_WITH_RC4_123_MD5.

So of course it doesn't work. Here is a sample from the SSL debug file:

dissect_ssl enter frame #11 (first time)
ssl_session_init: initializing ptr 0528240C size 588
conversation = 05281F88, ssl_session = 0528240C
record: offset = 0, reported_length_remaining = 77
dissect_ssl3_record: content_type 22 Handshake
decrypt_ssl3_record: app_data len 72, ssl state 0x00
association_find: TCP port 4433 found 00000000
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
dissect_ssl3_handshake iteration 1 type 1 offset 5 length 68 bytes, remaining 77
packet_from_server: is from server - FALSE
ssl_find_private_key server 24.215.166.144:443
dissect_ssl3_hnd_hello_common found CLIENT RANDOM -> state 0x01

I believe that I have the wrong private key file. The server has a couple of files with the .key extension. The one I am using is: /etc/httpd/conf/ssl.key/server.key I also have: /etc/rndc.key /usr/share/doc/lynx-2.8.5./docs/ slang.key pdcouses.key djgpp.key var/named/chroot/etc/rndc.key and a whole bunch of keys under /ect/Zeffie/keys/ but I believe that the Zeffie dir is not native to the server. So I probably need to know where to find it; if someone has an idea as to what I should be looking for to identify it, I would greatly appreciate it. It happens to be a BlueQuartz. Also, I would like to figure out how to get the private key (I guess they are the private key) from the client side to see how that works.

I would like to thank everyone for their patience with me; some of my questions may seem a little amateur for my level of administration, and my spelling is even worse.

Sincerely Nonlin

(02 Aug '12, 21:21) nonlin

So I figured it would be best to figure out how to make the system work for now and then figure out how to make DHE work later.

Well, with a browser, it's hard to "make DHE work" as you cannot use the private key of the server. You could use the premaster key, but there is no way (at least I don't know one) to extract that information from a browser. You can test with curl (curl.haxx.se) and verbose mode. But that's a second step, after you have managed to decrypt your first SSL session.

IE used TLS_RSA_WITH_RC4_123_MD5.

That should work, if you used the right key.

So of course it doesn't work. Here is a sample from the SSL debug file:

Please post a more complete debug file.

I believe that I have the wrong private key file. The server has a couple of files with the .key extension. The one I am using is : /etc/httpd/conf/ssl.key/server.key

According to the debug file (and your description), you tried to decrypt https on port 443, so that key looks like a good choice. HOWEVER, it depends on the apache configuration which key is used. If there is no other key in the apache config directory and no other apache config on your system, that key might be the right one. As a test, you can move the key and restart apache. If apache does not start, it was the right one. If it still starts and you can access the https site, it's using a different key. Then you should check the configuration.

BTW: If you open the key with an editor, do you see the string 'ENCRYPTED' somewhere in that file? If so, the private key is encrypted and you need to specify that passphrase in wireshark as well.

BTW: Did you try to decrypt the sample that @SYN-bit used in his presentation? That would be a good start for you.

http://sharkfest.wireshark.org/sharkfest.12/prsentations/MB-2_SSL_Troubleshooting_Hands-on_Lab_Files.tgz

(03 Aug '12, 02:40) Kurt Knochner ♦
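The checks raised in the answer and the comment above (is the negotiated suite plain RSA key transport, is the candidate file a PEM private key at all, and is it marked ENCRYPTED), collected into one helper. This is an added example, not part of the original thread; the function names and the sample inputs are constructed for illustration.

```python
import re

# Armor line of a PEM private key: traditional RSA/EC/DSA, PKCS#8, encrypted PKCS#8.
PEM_KEY_RE = re.compile(r"-----BEGIN ((?:RSA |EC |DSA |ENCRYPTED )?PRIVATE KEY)-----")

# Constructed sample inputs (no real key material).
SAMPLE_PLAIN = "-----BEGIN RSA PRIVATE KEY-----\nAAAA\n-----END RSA PRIVATE KEY-----\n"
SAMPLE_ENCRYPTED = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                    "DEK-Info: DES-EDE3-CBC,0000000000000000\n\nAAAA\n"
                    "-----END RSA PRIVATE KEY-----\n")
SAMPLE_RNDC = 'key "rndckey" {\n\talgorithm hmac-md5;\n\tsecret "AAAA";\n};\n'

def key_exchange(suite):
    """Return the key-exchange part of a cipher suite name, e.g. 'DHE_RSA'."""
    m = re.fullmatch(r"(?:TLS|SSL)_(.+?)_WITH_.+", suite)
    if not m:
        raise ValueError(f"not a cipher suite name: {suite!r}")
    return m.group(1)

def rsa_key_can_decrypt(suite):
    """Only plain RSA key transport lets the server key recover the premaster secret."""
    return key_exchange(suite) == "RSA"

def classify_key_file(text):
    """Classify candidate key file content: 'not-a-pem-key', 'encrypted' or 'plain'."""
    m = PEM_KEY_RE.search(text)
    if not m:
        return "not-a-pem-key"
    # Traditional OpenSSL keys carry a Proc-Type header; PKCS#8 says so in the armor line.
    if m.group(1).startswith("ENCRYPTED") or "Proc-Type: 4,ENCRYPTED" in text:
        return "encrypted"
    return "plain"

def triage(suite, key_text):
    """List the blockers found for decrypting with this key file (empty = none found)."""
    problems = []
    if not rsa_key_can_decrypt(suite):
        problems.append(f"{suite}: key exchange {key_exchange(suite)} is not RSA key transport")
    kind = classify_key_file(key_text)
    if kind == "not-a-pem-key":
        problems.append("file holds no PEM private key")
    elif kind == "encrypted":
        problems.append("private key is passphrase-protected")
    return problems

if __name__ == "__main__":
    print(triage("TLS_DHE_RSA_WITH_AES_256_CBC_SHA", SAMPLE_ENCRYPTED))
    print(triage("TLS_RSA_WITH_RC4_128_MD5", SAMPLE_RNDC))
```

An empty result only rules out these blockers; it does not show that the key belongs to the certificate the server actually presents.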

Thanks again for your help.

I think I am just starting to get a handle on this thing. Due to some of the suggestions you made, I discovered that yes, I was using the wrong key. Here's a segment from the log file I should have sent you.

dissect_ssl enter frame #95 (first time)
  conversation = 05281F88, ssl_session = 0528240C
  record: offset = 0, reported_length_remaining = 435
dissect_ssl3_record: content_type 23 Application Data
decrypt_ssl3_record: app_data len 430, ssl state 0x17
packet_from_server: is from server - FALSE
decrypt_ssl3_record: using client decoder
decrypt_ssl3_record: no decoder available
association_find: TCP port 4433 found 00000000
association_find: TCP port 443 found 090A0EA0

I am still not sure what part of the file really tells me that I had the wrong key. I guess it is the line that says "no decoder available", not very descriptive enough to lead me to the issue. But at least it's better than nothing.

Anyway, I did find the key I needed; it was just called "key" (no extension) and it was located in /home/sites/<domain name of secure site>/certs. Overly, I hit my head and said "Gee, I could have had a V8". So now it works fine.

Thank you for the sample file, it was really helpful. Unfortunately the link you gave me was dead, but I poked around the net and found that this link was OK: http://sharkfest.wireshark.org/sharkfest.12/presentations/MB-2_SSL_Troubleshooting_Hands-on_Lab_Files.tgz

Even though I still have more to learn from the server key, I am ready to ask my next question. Is there a way to do the same thing from the client side? You mentioned something about exporting a private key or Master-key with a Session-Id from a web browser, or rather you wished that we had the ability to do that. I have seen some stuff about a patch for Chrome and Firefox to do something like that, but they keep mentioning having to rebuild the browser, and since I am using Windows for the client side of my research, that would make things somewhat more complicated, or rather I would need step by step instructions before I would attempt it. But I was hoping that I could try something like digging through the web browser temp files, or maybe I could use OpenSSL to request it or find it on the hard drive. I know you can use it to open a session with the server, but it seems independent from the web browser; I don't know how to use it to get the session information for an existing web browser's session so I would have the right Master key and session-IDs to decrypt the browser session. Something like that. Have any ideas?

Sincerely, Nonlin

(06 Aug '12, 15:55) nonlin

I am still not sure what part of the file really tells me that I had the wrong key

Unfortunately the SSL debug file is a bit hard to understand and there are many reasons for a problem, thus many different error messages.

unfortunately the link you gave me was dead,

Sorry, it was a typo. /prsentations/ instead of /presentations/.

I have seen some stuff about a patch for Chrome and Firefox to do something like that

That's the way to go...

But I was hoping that I could try something like digging through the web browser temp files

I'm sorry, those keys will never appear somewhere in the file system, as they are never written to disk (maybe with one exception: the paging file).

So, no other (easy) way than a tool that extracts the key from the running browser (e.g. a plugin).

(06 Aug '12, 16:17) Kurt Knochner ♦