This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

FTP over explicit SSL

0

Hello,

I need to decrypt the commands sent by FTP over explicit SSL. I had a couple of tries, but it never succeeded.

I searched the internet up and down but it seems that nobody needed it before!

I already put the key file in Preferences/protocols/ssl, but the stream never got decrypted!

asked 08 Feb '12, 09:24


PeaceTrain
accept rate: 0%

edited 08 Feb '12, 09:26


2 Answers:

2

Oh, decryption of FTPS is indeed needed, I use it a lot :-)

In explicit FTPS (or FTPES), the start of the command channel is cleartext until the AUTH TLS command is given and accepted. After that, a normal SSL session is set up. So the packet flow is like this:

S->C [cleartext]220 Welcome to FTP server
C->S [cleartext]AUTH TLS
S->C [cleartext]234 Proceed with negotiation.
C->S [SSL] ClientHello
S->C [SSL] ServerHello
etc.

When you decode this session as SSL, the first three cleartext messages will appear as "Ignored Unknown Record" and the rest of the session should be visible as SSL, including decryption.

Three common causes for decryption to fail are:

  1. The SSL session is reused, so you see only a short SSL handshake (look for the "ClientKeyExchange"; if it is missing, you have a short handshake).
  2. A DH cipher was chosen by the server (look for the chosen cipher in the "ServerHello" message; if it contains DH or DHE, you're out of luck with decryption).
  3. The private key could not be read by Wireshark (look at the SSL debug file), or the key does not match the certificate (look for "wrong pre_master secret length" messages in the SSL debug file).

Hope this helps to get you on your way!

answered 08 Feb '12, 10:03


SYN-bit ♦♦
accept rate: 20%

0

I hope it's OK if I extend this rather out-of-date question somewhat... I'm attempting to track down exactly where the ClientHello and ServerHello packets are in FTPeS. It's right out there in the open with HTTPS negotiation, but since this is using FTP for the transfer, it's just showing a stream of octal characters, though I am able to make out the certificate transfer, thanks to Wireshark's display.

Immediately after the "234 authentication method accepted" message from the server, there is a 571B request message using FTP, which I'm going to assume is the ClientHello packet.

My issue is that I'm trying to decode which version of TLS is being offered at this point. As I mentioned, I'm just using the decode, but from what I've read, the "ClientHello" will begin with a "type" of 0x01, followed by 3 bytes for the length, until we come to the TLS version. So in this case, I've been searching the decode for a 0x01, followed by 3 random bytes, for what I believe is 0x303 for TLS v1.2.

From all this, I'm guessing that MAYBE the 10th byte in from the beginning of the request command appears to be the TLS type. But that's a WAG, not even a SWAG (Scientific Wild @$$ Guess).

As I mentioned at the beginning of this, the HTTP decode is so much simpler to read. I would really appreciate help with the FTPeS decode.

Thanks very much in advance,

Mark

answered 10 Jul '16, 14:49


mhlevy
accept rate: 0%
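An added example, not code from this thread, that walks the byte layout Mark describes and the checks SYN-bit lists: it locates the first TLS record right after the AUTH TLS line of the client's command channel, reads the offered version at offset 9 of that record (record header 5 bytes + handshake header 4 bytes, so the 10th and 11th bytes), and pulls the cipher suite out of a ServerHello to see whether a (EC)DHE suite was chosen, which no RSA private key will decrypt. The FTP lines and TLS records are constructed samples, and the cipher table covers only a few IANA values.

```python
"""Explicit-FTPS helper: find the ClientHello after AUTH TLS, read its
offered version, and check the ServerHello cipher suite for (EC)DHE."""
import struct

TLS_HANDSHAKE = 0x16                  # record content type: handshake
CLIENT_HELLO, SERVER_HELLO = 0x01, 0x02
VERSIONS = {0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
CIPHERS = {  # IANA value -> (name, key exchange is (EC)DHE, so RSA key can't decrypt)
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", False),
    0x009E: ("TLS_DHE_RSA_WITH_AES_128_GCM_SHA256", True),
    0xC02F: ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", True),
}

def tls_start(client_stream: bytes) -> int:
    """Offset of the first TLS record: the byte after the AUTH TLS line."""
    i = client_stream.find(b"AUTH TLS\r\n")
    if i < 0:
        raise ValueError("no AUTH TLS: the channel never switched to TLS")
    return i + len(b"AUTH TLS\r\n")

def handshake_body(record: bytes, want: int) -> bytes:
    """Record header = type(1) version(2) length(2); handshake header =
    msg_type(1) length(3). The Hello body starts at offset 9 with its version."""
    ctype, _rec_ver, _rec_len = struct.unpack("!BHH", record[:5])
    if ctype != TLS_HANDSHAKE or record[5] != want:
        raise ValueError("expected handshake type 0x%02x" % want)
    length = int.from_bytes(record[6:9], "big")
    return record[9:9 + length]

def client_hello_version(client_stream: bytes):
    """Version offered in ClientHello: bytes 10-11 of the first TLS segment."""
    body = handshake_body(client_stream[tls_start(client_stream):], CLIENT_HELLO)
    ver = struct.unpack("!H", body[:2])[0]
    return ver, VERSIONS.get(ver, "unknown")

def server_hello_cipher(server_record: bytes):
    """ServerHello body = version(2) random(32) sid_len(1) sid(n) cipher(2)."""
    body = handshake_body(server_record, SERVER_HELLO)
    sid_len = body[34]
    suite = struct.unpack("!H", body[35 + sid_len:37 + sid_len])[0]
    return (suite,) + CIPHERS.get(suite, ("unknown", None))

def _record(msg_type: int, body: bytes) -> bytes:   # builds the constructed samples
    hs = bytes([msg_type]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", TLS_HANDSHAKE, 0x0301, len(hs)) + hs

# Constructed client command stream and ServerHello record, not a real capture.
CLIENT_STREAM = b"FEAT\r\nAUTH TLS\r\n" + _record(
    CLIENT_HELLO, b"\x03\x03" + b"\x11" * 32 + b"\x00\x00\x02\x00\x2f\x01\x00")
SERVER_HELLO_REC = _record(
    SERVER_HELLO, b"\x03\x03" + b"\x22" * 32 + b"\x00" + b"\x00\x9e" + b"\x00")
```

With the sample above, the client offers TLS 1.2 and the server picks a DHE suite, which is exactly the second failure case in SYN-bit's list.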