Sniffing SSL Traffic
dkaya
1. Sniffing SSL Traffic
18. Choosing the right settings
20. Normal RSA handshake
    Client -> Server: ClientHello
    Server -> Client: ServerHello, Certificate, ServerHelloDone
    Client -> Server: ClientKeyExchange, ChangeCipherSpec, Finished (encrypted)
    Server -> Client: ChangeCipherSpec, Finished (encrypted)
21. First packet…
22. Analyzing the SSL record layer (1)
23. Random
24. Session ID
25. Cipher Suites
26. Server name
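Slides 21 to 26 walk through the first packet of the handshake, the ClientHello, field by field (random, session ID, cipher suites, server name). The parser below is an added example, not code from the slides; it assumes the ClientHello fits in a single TLS record, and the sample record and the host name www.example.test are constructed.

```python
import struct

def parse_client_hello(record: bytes) -> dict:
    """Parse one TLS record that holds a complete ClientHello (TLS 1.0-1.2 layout)."""
    if len(record) < 5:
        raise ValueError("short record header")
    ctype, _rec_version, rec_len = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rec_len]
    if ctype != 22 or len(body) != rec_len or len(body) < 4 or body[0] != 1:
        raise ValueError("not a complete ClientHello handshake record")
    hs_len = int.from_bytes(body[1:4], "big")
    msg = body[4:4 + hs_len]
    if len(msg) != hs_len:
        raise ValueError("ClientHello continues in another record")
    pos = 0
    def take(n: int) -> bytes:
        nonlocal pos
        if pos + n > len(msg):
            raise ValueError("truncated ClientHello")
        pos += n
        return msg[pos - n:pos]
    def vec(len_bytes: int) -> bytes:      # length-prefixed vector
        return take(int.from_bytes(take(len_bytes), "big"))
    version = int.from_bytes(take(2), "big")
    random = take(32)                      # slide 23
    session_id = vec(1)                    # slide 24: empty means nothing to resume
    raw = vec(2)                           # slide 25
    suites = [int.from_bytes(raw[i:i + 2], "big") for i in range(0, len(raw), 2)]
    vec(1)                                 # compression methods, skipped
    sni = None
    exts = vec(2) if pos < len(msg) else b""
    i = 0
    while i + 4 <= len(exts):
        etype, elen = struct.unpack("!HH", exts[i:i + 4])
        data = exts[i + 4:i + 4 + elen]
        if etype == 0 and len(data) >= 5 and data[2] == 0:   # server_name, host_name
            sni = data[5:5 + int.from_bytes(data[3:5], "big")].decode("ascii", "replace")
        i += 4 + elen
    return {"version": version, "random": random, "session_id": session_id,
            "cipher_suites": suites, "sni": sni}

def build_sample() -> bytes:
    """Constructed ClientHello offering 0x002f and 0x0039 for www.example.test."""
    host = b"www.example.test"
    name = b"\x00" + len(host).to_bytes(2, "big") + host
    sni_ext = len(name).to_bytes(2, "big") + name
    exts = b"\x00\x00" + len(sni_ext).to_bytes(2, "big") + sni_ext
    msg = (b"\x03\x01" + bytes(range(32)) + b"\x00" + b"\x00\x04\x00\x2f\x00\x39"
           + b"\x01\x00" + len(exts).to_bytes(2, "big") + exts)
    hs = b"\x01" + len(msg).to_bytes(3, "big") + msg
    return b"\x16\x03\x01" + len(hs).to_bytes(2, "big") + hs

SAMPLE = build_sample()
```

Everything this returns is sent in cleartext, so a passive capture shows the requested host name and the offered cipher suites even when the rest of the session cannot be decrypted.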
27. Server Hello
28. Certificate Message
29. Server’s Certificate
30. Server Hello Done
31. Certificate Validation
32. Client Key Exchange
33. Finally Application Data
34. Ephemeral RSA (or DH) handshake
    Client -> Server: ClientHello
    Server -> Client: ServerHello, Certificate, ServerKeyExchange, ServerHelloDone
    Client -> Server: ClientKeyExchange, ChangeCipherSpec, Finished (encrypted)
    Server -> Client: ChangeCipherSpec, Finished (encrypted)
35. Server Key Exchange
36. Server Key Exchange
37. Client Authentication
    Client -> Server: ClientHello
    Server -> Client: ServerHello, Certificate, CertificateRequest, ServerHelloDone
    Client -> Server: Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec, Finished (encrypted)
    Server -> Client: ChangeCipherSpec, Finished (encrypted)
38. Client Certificate Request
39. Certificate Request
40. Certificate (C)
41. Certificate Verify
43. Handshake of a Reused Session
    Client -> Server: ClientHello
    Server -> Client: ServerHello, ChangeCipherSpec, Finished (encrypted)
    Client -> Server: ChangeCipherSpec, Finished (encrypted)
44. SSL session reuse (new, reused and expired)
    Figure labels: Full Handshake, Partial Handshake
45. No SSL session caching
46. Analyzing SSL alerts
    Screenshot labels: Without decryption, With decryption
48. Providing the server private key (1)
Wireshark preferences file:
    ssl.keys_list: 192.168.3.3,443,http,c:ey.pem
    ssl.debug_file: c:empsl-debug.log
When using Tshark:
    tshark -r file.cap -o ssl.keys_list:192.168.3.3,443,http,"c:ey.pem" -o ssl.debug_file:"c:sl-debug.log" -V -R http
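Which of the handshake variants on slides 20, 34, 37 and 43 a capture contains decides whether the private-key method on slide 48 can work: the server's RSA key recovers the session keys only from a full handshake whose ClientKeyExchange carries an RSA-encrypted premaster secret. The sketch below is an added example, not from the slides; it assumes each direction's TCP stream is already reassembled and that handshake messages are not split across records, and all sample records are constructed.

```python
HS = {1: "ClientHello", 2: "ServerHello", 11: "Certificate", 12: "ServerKeyExchange",
      13: "CertificateRequest", 14: "ServerHelloDone", 15: "CertificateVerify",
      16: "ClientKeyExchange"}

def handshake_messages(stream: bytes) -> list:
    """Walk the TLS records sent in one direction and name what is visible."""
    out, pos, encrypted = [], 0, False
    while pos + 5 <= len(stream):
        ctype, rlen = stream[pos], int.from_bytes(stream[pos + 3:pos + 5], "big")
        body = stream[pos + 5:pos + 5 + rlen]
        if len(body) < rlen:
            raise ValueError("truncated record")
        pos += 5 + rlen
        if ctype == 20:                      # ChangeCipherSpec: later records are opaque
            encrypted = True
            out.append("ChangeCipherSpec")
        elif ctype == 22 and encrypted:
            out.append("Finished (encrypted)")
        elif ctype == 22:                    # cleartext handshake record, may hold several
            i = 0
            while i + 4 <= len(body):
                out.append(HS.get(body[i], "type %d" % body[i]))
                i += 4 + int.from_bytes(body[i + 1:i + 4], "big")
    return out

def classify(client: list, server: list) -> dict:
    """Name the handshake variant and say if the server RSA key alone can decrypt it."""
    resumed = "Certificate" not in server and "ClientKeyExchange" not in client
    # Assumption: no ServerKeyExchange means RSA key transport (fixed-DH suites are ignored).
    ephemeral = "ServerKeyExchange" in server
    kind = "resumed" if resumed else "ephemeral" if ephemeral else "static RSA"
    return {"handshake": kind, "client_auth": "CertificateRequest" in server,
            "key_decrypts_alone": not resumed and not ephemeral}

def rec(ctype: int, payload: bytes) -> bytes:      # constructed sample: one TLS 1.0 record
    return bytes([ctype, 3, 1]) + len(payload).to_bytes(2, "big") + payload

def hs(mtype: int, body: bytes = b"\x00") -> bytes:  # constructed message, dummy body
    return bytes([mtype]) + len(body).to_bytes(3, "big") + body

CCS_FIN = rec(20, b"\x01") + rec(22, b"\xaa" * 40)
CLIENT_FULL = rec(22, hs(1)) + rec(22, hs(16)) + CCS_FIN
CLIENT_AUTH = rec(22, hs(1)) + rec(22, hs(11) + hs(16) + hs(15)) + CCS_FIN
CLIENT_RESUMED = rec(22, hs(1)) + CCS_FIN
SERVER_RSA = rec(22, hs(2) + hs(11) + hs(14)) + CCS_FIN
SERVER_DHE = rec(22, hs(2) + hs(11) + hs(12) + hs(14)) + CCS_FIN
SERVER_AUTH = rec(22, hs(2) + hs(11) + hs(13) + hs(14)) + CCS_FIN
SERVER_RESUMED = rec(22, hs(2)) + CCS_FIN
```

A resumed session reports `key_decrypts_alone` as false because the premaster secret was exchanged in the earlier full handshake; the capture has to include that handshake for the key to be of use.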
50. Converting keys
Removing passphrase:
    root@mgmt# openssl rsa -in encrypted.key -out cleartext.key
    Enter pass phrase for encrypted.key: <passphrase>
    writing RSA key
    root@mgmt#
Converting from PEM to PKCS12 (and adding passphrase):
    root@mgmt# openssl pkcs12 -in pem.cert -inkey pem.key -export -out cert.pkcs12
    Enter Export Password: <new-passphrase>
    Verifying - Enter Export Password: <new-passphrase>
    root@mgmt#
Converting from DER to PEM (and removing passphrase):
    root@mgmt# openssl rsa -inform DER -in der.key -out pem.key
    Enter pass phrase for encrypted.key: <passphrase>
    writing RSA key
    root@mgmt#
51. Decryption in Action
56. Screenshot from browser…
57. Here is the user and password from logs
    tail -f sslstrip.log
58. Questions & Discussion
59. Thank you…
Editor's notes
Mostly used for bulk encryption. How to exchange keys?
Public-private key: mostly used for secure key exchanges. How to verify keys?