I was trying to find the crypto keys used by my browser and a web
server used ssl traffic. Browsing the Internet resulted a very good whitepaper
related to TLS/SSL.
Then I thought to give a try on
it to check is it really feasible what it claims .To my wonder all you have to
do is just ask your browser and it will let out all the secret it holds.
To read all secrets all you need now a network sniffer, I used “Wireshark”
for this part.
So here we goes with steps
·
Just set up an user environment variable in your
system (Hope that is really easy how to set up environment variables) SSLKEYLOGFILE
(below given screenshot of sslkeylogfile of my system)
·
Opening the file browser will write the values used
to generate TLS session keys out to that file.
·
Now Point your Wireshark to the file stated above.
Select Edit -> Preferences -> Protocols ->
SSL and then OK
· Then I browse to a site using ssl/Tls https://wepay.com and sniff the traffic, see the
traffic status(in un-encrypted form)
So for pentestor one might try setting be on the lookout for an SSLKEYLOG
variable on your target.
0 comments:
Post a Comment