Analyzing HTTP/S traffic with ssldump
=====================================

2006-11-07	support@frank4dd.com

Software used:

1:) ssldump 0.9b3 	http://www.rtfm.com/ssldump/ by Eric Rescorla

Limitation: works only on the webserver


2.) sslsniffer 1.21	http://crypto.stanford.edu/~eujin/sslsniffer/
by Eu-Jin Goh andi Dan Boneh from Stanford University

Limitation: doesn't show encrypted html data

3.) Example using ssldump

DDM1307811:~ # ssldump -i eth0 host 172.20.203.72 or host 172.20.203.73 or host 172.20.203.74 and port 74 -d
New TCP connection #1: DDM1307811.frank4dd.com(2318) <-> n30prxy2.frank4dd.com(74)
0.0006 (0.0006)  C>S
---------------------------------------------------------------
CONNECT n30clf1:443 HTTP/1.0
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.2 (like Gecko)
Host: n30clf1

---------------------------------------------------------------

0.0026 (0.0020)  S>C
---------------------------------------------------------------
HTTP/1.0 200 Connection established

---------------------------------------------------------------

1 1  0.0064 (0.0037)  C>S SSLv2 compatible client hello
  Version 3.0
  cipher suites
  SSL_RSA_WITH_RC4_128_MD5
  SSL2_CK_RC4
  SSL_RSA_WITH_RC4_128_SHA
  SSL_RSA_WITH_3DES_EDE_CBC_SHA
  SSL2_CK_RC2
  SSL2_CK_3DES
  SSL_DHE_RSA_WITH_AES_256_CBC_SHA
  SSL_DHE_DSS_WITH_AES_256_CBC_SHA
  SSL_RSA_WITH_AES_256_CBC_SHA
  SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  SSL_DHE_RSA_WITH_AES_128_CBC_SHA
  SSL_DHE_DSS_WITH_AES_128_CBC_SHA
  SSL_RSA_WITH_AES_128_CBC_SHA
  SSL_DHE_DSS_WITH_RC4_128_SHA
  SSL2_CK_RC464
  SSL2_CK_DES
  SSL_DHE_DSS_WITH_RC2_56_CBC_SHA
  SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
  SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
  SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
  SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
  SSL_RSA_EXPORT1024_WITH_RC4_56_MD5
  SSL_DHE_RSA_WITH_DES_CBC_SHA
  SSL_DHE_DSS_WITH_DES_CBC_SHA
  SSL_RSA_WITH_DES_CBC_SHA
1 2  0.0092 (0.0028)  S>C  Handshake
      ServerHello
        Version 3.0
        session_id[32]=
          1e 91 7c 13 27 49 07 b0 73 d6 8f fe 5a bf a6 8e
          b3 b1 11 f7 37 31 8b 25 25 96 2d 2e ed 83 05 75
        cipherSuite         SSL_RSA_WITH_RC4_128_MD5
        compressionMethod                   NULL
1 3  0.0092 (0.0000)  S>C  Handshake
      Certificate
1 4  0.0092 (0.0000)  S>C  Handshake
      ServerHelloDone
1 5  0.0097 (0.0005)  C>S  Handshake
      ClientKeyExchange
1 6  0.0097 (0.0000)  C>S  ChangeCipherSpec
1 7  0.0097 (0.0000)  C>S  Handshake
1 8  0.0238 (0.0140)  S>C  ChangeCipherSpec
1 9  0.0238 (0.0000)  S>C  Handshake
1 10 0.0503 (0.0265)  C>S  application_data
1 11 0.1212 (0.0708)  S>C  application_data
1    16.1616 (16.0403)  C>S  TCP FIN
1    17.6403 (1.4787)  S>C  TCP FIN

3.1. Use keys to follow the encrypted traffic
---------------------------------------------

openssl x509 -in test.pem -pubkey -noout > testpubkey.pem

DDM1307811:~ # cat testpubkey.pem
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7bH5JmLVmnsU3Y22sOq
TxuhLbjVv7km33l06QLxWglT0HPwJt69dME9A2cAAo1tIjIJAZI6ViDKUI9SyI8p
uybCcrb123lxVyTgaA+uNZmyLKW91TNFM84esTc+9/gB36/FEmK8LvYAmRHSpsF4
NzwCdLzFRL6K0FoqGxkGNNmvh5FNd9CMWVRUzdZ3Sczs9XTfDROJ9Sq1f0BFTuVL
LGpbzM88p00451AOhZiHzlDD9CRGFtas3BgoBEYM81UM6uvQhc+kw12iuEjRG2E8
lFvvZogkhaeZeZ+kkS8JgeQ2FW6onwlWZojllOfy8YPtYurc1eenbLj04oexmjT0
gQIDAQAB
-----END PUBLIC KEY-----

3.2. ON THE SERVER:
===================

n30clf1:/etc/apache-ssl# ssldump -d -k /etc/apache-ssl/apache.pem -i eth0 port 443
New TCP connection #1: n30prxy2.frank4dd.com(36041) <-> n30clf1(443)
1 1  0.0059 (0.0059)  C>S SSLv2 compatible client hello
  Version 3.0
  cipher suites
  SSL_RSA_WITH_RC4_128_MD5
  SSL2_CK_RC4
  SSL_RSA_WITH_RC4_128_SHA
  SSL_RSA_WITH_3DES_EDE_CBC_SHA
  SSL2_CK_RC2
  SSL2_CK_3DES
  Unknown value 0x39
  Unknown value 0x38
  Unknown value 0x35
  SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
  SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
  Unknown value 0x33
  Unknown value 0x32
  Unknown value 0x2f
  SSL_DHE_DSS_WITH_RC4_128_SHA
  SSL2_CK_RC464
  SSL2_CK_DES
  SSL_DHE_DSS_WITH_RC2_56_CBC_SHA
  SSL_RSA_EXPORT1024_WITH_RC4_56_SHA
  SSL_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
  SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA
  SSL_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
  SSL_RSA_EXPORT1024_WITH_RC4_56_MD5
  SSL_DHE_RSA_WITH_DES_CBC_SHA
  SSL_DHE_DSS_WITH_DES_CBC_SHA
  SSL_RSA_WITH_DES_CBC_SHA
1 2  0.0061 (0.0001)  S>C  Handshake
      ServerHello
        Version 3.0
        session_id[32]=
          1f c8 11 c9 46 92 8b ae 3b 9f 4f 0d f4 ab f6 bf
          aa fc dd 64 bc d4 90 98 c7 35 45 4e 28 16 34 a1
        cipherSuite         SSL_RSA_WITH_RC4_128_MD5
        compressionMethod                   NULL
1 3  0.0061 (0.0000)  S>C  Handshake
      Certificate
1 4  0.0061 (0.0000)  S>C  Handshake
      ServerHelloDone
1 5  0.0092 (0.0031)  C>S  Handshake
      ClientKeyExchange
1 6  0.0092 (0.0000)  C>S  ChangeCipherSpec
1 7  0.0092 (0.0000)  C>S  Handshake
      Finished
1 8  0.0216 (0.0124)  S>C  ChangeCipherSpec
1 9  0.0216 (0.0000)  S>C  Handshake
      Finished
1 10 0.0518 (0.0301)  C>S  application_data
    ---------------------------------------------------------------
    GET /cert.shtml HTTP/1.1
    Connection: Keep-Alive
    User-Agent: Mozilla/5.0 (compatible; Konqueror/3.4; Linux) KHTML/3.4.2 (like Gecko)
    Referer: https://n30clf1/
    Accept: text/html, image/jpeg, image/png, text/*, image/*, */*
    Accept-Encoding: x-gzip, x-deflate, gzip, deflate
    Accept-Charset: utf-8, utf-8;q=0.5, *;q=0.5
    Accept-Language: en, de, ja
    Host: n30clf1
    Authorization: Basic Zm1pZ2dlOnRlc3QxMjMh

    ---------------------------------------------------------------
1 11 0.1399 (0.0881)  S>C  application_data
    ---------------------------------------------------------------
    HTTP/1.1 200 OK
    Date: Tue, 07 Nov 2006 09:43:54 GMT
    Server: Apache/1.3.33 Ben-SSL/1.55 (Debian GNU/Linux) mod_python/2.7.10 Python/2.3.4 PHP/4.3.10-16 mod_auth_pam/1.1.1 mod_perl/1.29
    Keep-Alive: timeout=15, max=100
    Connection: Keep-Alive
    Transfer-Encoding: chunked
    Content-Type: text/html; charset=iso-8859-1

    9ed
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
            "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
    <meta name="generator" content="Bluefish,vim">
    <meta name="copyright" content="">
    <meta http-equiv="expires" content="5">
    <meta name="description" content="">
    <link rel="stylesheet" type="text/css" href="/css/style.css">
    <meta http-equiv="Content-Style-Type" content="text/css">
    <title>HTML Index Page</title>
    </head>
    <body>
    <hr noshade>
    <h2><span class="kopf"> <a href="http://myweb"> My WebSite</a>
    <a href="http://www.frank4dd.com/howto"> Remote Howtos</a></span></h2>
    <h1><span class="kopf">
    <i>Central Logging Facility Root Certificate</i></span></h1>
    <hr class="c1">
    <h2>The Local Root Certificate</h2>
    <br>
    <p>
    Here is how to install the root certificate on your machine.

    Please click <a href="ca/root_cert.crt">here</a> to install
    the root certificate.
    Depending on your browser will be presented an import dialouge.
    Follow it to install.

    Here are some details you might want to check:
    </p>
    <table BORDER=1 WIDTH="85%" summary="root cert properties">
        <tr><td>
        MD Fingerprint:
        </td><td>
        2C:4C:5C:2F:31:DD:F1:1C:B2:A6:A1:9E:95:1D:86:54
        </td></tr>
        <tr><td>
        SHA1 Fingerprint:
        </td><td>
        C3:A5:BB:AB:38:2F:A2:BB:0C:02:3D:D6:4E:A9:EE:54:57:B2:46:D0
        </td></tr>
        <tr><td>
        Valid from:
        </td><td>
        (2004-04-08 15:39:09 GMT)
        </td></tr>
        <tr><td>
        Valid to:
        </td><td>
        (2004-04-07 15:39:09 GMT)
        </td></tr>
        <tr><td>
        Issuer
        </td><td>
        /C=DE/ST=Saxony/L=Dresden/O=Frank4DD/OU=Support/CN=www.frank4dd.com/Email=public@frank4dd.com
        </td></tr>
    </table>
    <br><br>
    <i>

            Last modified 2006-06-06, 16:20 CEST
    . Please report errors to your friendly <a href="mailto:public@frank4dd.com">Webmaster</a>. Thanx.
    </i>
    <p>
    <a href="/admin">[Administration]</a>
    </p>
    <p>
      <a class="left" href="http://www.debian.org">
        <img style="border:
    0

    ---------------------------------------------------------------
1    16.1905 (16.0506)  C>S  TCP FIN
1    16.1906 (0.0001)  S>C  TCP FIN

4.) Example using sslsniffer
============================

fm@DDM1307811:~/sslsniffer> ./sslsniffer -p 8888 -np 443 n30clf1

SSLV3/TLS Sniffer 1.1 written by Eu-Jin Goh
Stanford University Applied Crypto Group

SSL Sniffer listening on port number 8888
Will connect incoming connections to n30clf1 on port 443

--------------------------------------------------------
Received connection from localhost, port 12527


Reading from CLIENT socket
Received SSLV2 Client Hello ...

From Client Hello -- Protocol Version: 3.0
Session ID Length -- 0 bytes
Session ID --
Cipher Suite Length 78 bytes ... number of cipher suites 26
Cipher Suite List is --
  Hex Code: 0x00 0x04
  Type: RSA with 128 bit RC4 and hash function MD5
  Hex Code: 0x01 0x00 0x80
  Type: RSA with 128 bit RC4 and hash function MD5
  Hex Code: 0x00 0x05
  Type: RSA with 128 bit RC4 and hash function SHA
  Hex Code: 0x00 0x0a
  Type: RSA with 3DES EDE in CBC mode and hash function SHA
  Hex Code: 0x03 0x00 0x80
  Type: RSA with 128 bit RC2 CBC and hash function MD5
  Hex Code: 0x07 0x00 0xc0
  Type: RSA with 192 bit 3DES EDE CBC and hash function MD5
  Hex Code: 0x00 0x39
  Type: Elliptic Curve DHE DSS Export with 40 bit DES CBC and hash function SHA
  Hex Code: 0x00 0x38
  Type: Elliptic Curve DHE DSS with 3DES EDE CBC and hash function SHA
  Hex Code: 0x00 0x35
  Type: Unknown Cipher Suite
  Hex Code: 0x00 0x16
  Type: DHE RSA with 3DES EDE in CBC mode and hash function SHA
  Hex Code: 0x00 0x13
  Type: DHE DSS with 3DES EDE in CBC mode and hash function SHA
  Hex Code: 0x00 0x33
  Type: Unknown Cipher Suite
  Hex Code: 0x00 0x32
  Type: Unknown Cipher Suite
  Hex Code: 0x00 0x2f
  Type: Unknown Cipher Suite
  Hex Code: 0x00 0x66
  Type: DHE DSS with 128 bit RC4 and hash function SHA
  Hex Code: 0x08 0x00 0x80
  Type: Unknown SSLV2 cipher used
  Hex Code: 0x06 0x00 0x40
  Type: RSA with 64 bit DES CBC and hash function MD5
  Hex Code: 0x00 0x65
  Type: DHE DSS Export with 56 bit RC4 and hash function SHA
  Hex Code: 0x00 0x64
  Type: RSA Export with 56 bit RC4 and hash function SHA
  Hex Code: 0x00 0x63
  Type: DHE DSS Export with DES CBC and hash function SHA
  Hex Code: 0x00 0x62
  Type: RSA Export with DES CBC and hash function SHA
  Hex Code: 0x00 0x61
  Type: RSA Export with 56 bit RC2 CBC and hash function MD5
  Hex Code: 0x00 0x60
  Type: RSA Export with 56 bit RC4 and hash function MD5
  Hex Code: 0x00 0x15
  Type: DHE RSA with DES in CBC mode and hash function SHA
  Hex Code: 0x00 0x12
  Type: DHE DSS with DES in CBC mode and hash function SHA
  Hex Code: 0x00 0x09
  Type: RSA with DES in CBC mode and hash function SHA
Challenge Length -- 16 bytes


Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 74
Received a HANDSHAKE packet ...
HandShake Packet Type :- Server Hello
From Server Hello -- Protocol Version 3.0
Length of session ID -- 32 bytes
Session ID --
  0x8c680f45027fe69549c4f18e4af88e84a0d417d7a8eeaa417c882df699d488b5
Cipher Suite is --
  Hex Code: 0x00 0x04
  Type: RSA with 128 bit RC4 and hash function MD5


Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 1247
Received a HANDSHAKE packet ...
HandShake Packet Type :- Certificate
  CERTIFICATE INFORMATION :-
  Validity -- Not After  Oct  8 07:11:18 2011 GMT
              Not Before Sep 12 07:11:18 2006 GMT
  Subject Distinguished Name --
    /C=DE/ST=SN/L=Dresden/O=Frank4DD/OU=Support/CN=n30clf1.frank4dd.com/emailAddress=public@frank4dd.com
  Issuer Distinguished Name  --
    /C=DE/ST=Saxony/L=Dresden/O=Frank4DD/OU=Support/CN=WebCA/emailAddress=support@frank4dd.com
  RSA Public key size 2048 bits



Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 4
Received a HANDSHAKE packet ...
HandShake Packet Type :- Server hello done


Reading from CLIENT socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 260
Received a HANDSHAKE packet ...
HandShake Packet Type :- Client key exchange
Length of RSA Encrypted PreMaster Secret -- 256 bytes
RSA Encrypted PreMaster Secret --
  0x6673c5fe758751dc2bc0852b4959c310d4165ab4c2a4e4a51d23585538a23f9aed24b42e1adc5a917238739423094341467dffda6c4e9eea6893280c5a4fb52bed76b2dd36851fa88e613e9e1f291fae755278cb1066e5fa1e74675cc245d5d4437dcdebfd01669e1dd5c606da89ad1ed7534f08871f02e57d424553bc2ed69eb098662914a13c12d61f91acf8fd08d27d14a651a54704b56058213cf1428d439640eb7d15f03d81f32aa6926de3415000f054e7a2cdfa4c56bbf7bdeb725ec76afa678d9228f9842d3422ab4210fd394f20a0ae7620bec9e4275b206a10834e907f1ee226e0529d4d1812c3423a5ecc57d97da3b1704a53cb17e9197364656e


Reading from CLIENT socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 1
Received a CHANGE_CIPHER_SPEC packet:
Further packets will be encrypted ...

Reading from CLIENT socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 56
Received a HANDSHAKE packet ...
Packet is encrypted.

Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 1
Received a CHANGE_CIPHER_SPEC packet:
Further packets will be encrypted ...

Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 56
Received a HANDSHAKE packet ...
Packet is encrypted.

Reading from CLIENT socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 354
Received APPLICATION DATA packet ...
Packet is encrypted.

Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 908
Received APPLICATION DATA packet ...

...
Reading from SERVER socket
From Record Header -- Protocol Version: 3.0
                      Record Length: 56
Received a HANDSHAKE packet ...
Packet is encrypted.

Reading from CLIENT socket

Close connections