This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Remote decryption TLS in wireshark

1

I want to know if it is possible to do remote decryption with wireshark ?

A more structured approach to what I want to do is this -

Setup: 2 computers (comp A and comp B) with one computer acting as a network gateway. That is all traffic from comp A goes to comp B. Any firewall rules set on comp B applies to comp A.

Objective: Generate the TLS secrets on a local PC (comp A) and then send the secrets to comp B (via file transer/ssh/nc). Comp B should be able to decrypt encrypted traffic given the TLS secret information (the actual 6 keys generated from master secret).

Current Approach - Print out the TLS secrets/ SSLdecoder variable in a file using a modified version of wireshark. Send this file to comp B via netcat/ssh. On comp B, use a modified version of wireshark to read these secrets and decrypt data.

Problems: There is a delay in sending the secrets from comp A to comp B. As a result the decryption code on wireshark runs before the secrets are sent by comp A. That is the packets are already captured and dissected by wireshark on comp B as when I browse a website on comp A. There is a manual delay for sending TLS secrets to comp B

Question: Is there a way to solve this problem without tweaking anything at comp A side (one tweak is adding delay in sending packets at network level to comp B)

Why this problem: I am trying to study security for fine grained proxies. Here comp A is a local PC and comp B is a proxy. Instead of using certificates, now only specific TLS sessions can be decrypted by the proxy with some secrets

asked 01 Nov '16, 11:02

mac9393's gravatar image

mac9393
36449
accept rate: 0%


2 Answers:

1

What is your "modified version" of Wireshark? Wireshark already supports linking session secrets to a SSL/TLS session using the "(Pre-)master secrets keylog file" approach (see Wireshark wiki - SSL). This method will also suffer from the same problem though. When the keylog file entry is added after the Client Key Exchange message has been dissected, there will be no more attempts to load the secrets.

A possible idea is to delay dissection of the Client Key Exchange record type until the keylog file has gained a session secret for the Random value from the Client Hello. This requires either modification to the SSL dissector or a custom dissector that is invoked before the SSL dissector (and interprets the record layer first).

Sketch of the approach:

  • Use ssl_get_session() to obtain the SSL session.
  • If session->state & SSL_CLIENT_RANDOM, then assume that the Client Hello handshake record (used for identification purposes) is found.
  • If SSL_CLIENT_RANDOM was set, but neither SSL_HAVE_SESSION_KEY nor SSL_MASTER_SECRET are set, then try to locate the session secret in the keylog file (in the ssl_crandom_hash hash table). If it was not found, then:
  • Try to dissect the current tvb yourself and see if it is is a Change Cipher Spec message. If it is, keep polling the key log file (possibly up to some maximum time) until the Client Random is found.
  • Invoke the normal SSL dissection code (hopefully it will succeed now in loading the key).

answered 01 Nov '16, 13:05

Lekensteyn's gravatar image

Lekensteyn
2.2k3724
accept rate: 30%

0

Maybe you want to consider a different approach. This is an interesting article about the subject. Fiddler is a well known tool, as is MitM Proxy.

answered 01 Nov '16, 12:35

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

The article is really related to this project. However, I would like to use TLS encryption keys instead of the master secret/certificate to decrypt info by the proxies.

(01 Nov '16, 12:50) mac9393