2

I have the Wireshark capture of a TLS Handshake as shown in the attached image below.

TLS Capture

I wish to decrypt the logged traffic that follows. I am a newbie and from what I have read so far, I need a private key to decrypt the data. This key should apparently be accessible from the handshake packets that I have logged. Is that correct?

I only have access to the public key from the Certificate which I guess plays a role to start understanding the handshake capture.

Can someone point me towards information about how I can go about retrieving the private key? Is there another way to gain access to the private key?

As an alternative, I tried logging the SSL keys using the variable SSLKEYLOGFILE but the communication does not seem to be happening directly with the browser, instead via some Java applet embedded in the browser. Even if I can get the applet to dump the keys, I should be on my way. However, I have no idea about how to go about it.

Another alternative would be to manually add the client random (easily found) and the master/pre master secrets (no idea how to find these) to the key log file. Any tips about finding one of these two values will also be very helpful.

I would be grateful for any answers.

BombayBlue
  • 21
  • 1
  • 2
  • As an additional information. I have access to the encrypted pre-master secret and the certificate with the public key. –  Dec 15 '17 at 22:09
  • 1
    The public key cannot decrypt anything; if it or anything else in the handshake could, all TLS traffic could be read by everybody in the world and it would be completely useless. If your connection uses 'plain RSA' key exchange (NOT either variant of DH=Diffie-Hellman also called PFS=Perfect Forward Secrecy) and you have the _private_ key from the server, Wireshark can read that and use it to decrypt the premaster, then derive the master and working keys, and decrypt the data; you don't have to do anything yourself. There are several Q&As here already explaining SSLKEYLOGFILE. – dave_thompson_085 Dec 15 '17 at 23:22
  • I can see that ssl keys are logged for applications other than the browser. I have Creative Cloud running in the background and its TLS traffic can be decrypted by Wireshark without a problem. If I open the yahoo sports page to log some feeds though, the traffic is logged by Wireshark but there are no keys available in the log file. Why does this happen? – BombayBlue Dec 16 '17 at 00:17
  • 1
    Properly implemented TLS is useless to you unless you have one of the private keys used in the handshake, or more precisely you need one of the ephemeral private keys which are purged after use to provide forward secrecy. Failing that you could also just capture the shared secret which resides somewhere in memory. If all you do is intercept traffic you can do nothing with it other than try a MITM attack and count on the client being dumb and accepting your manufactured public key as genuine. – dingrite Dec 16 '17 at 00:28

1 Answers1

3

how I can go about retrieving the private key?

The key is - like its name suggests - private. It is a secret which should only known to the server. If you own the server then you'll find it in the configuration of the server (details depend on the actual server). If you don't own the server you are hopefully not able to get the private key.

Please note also that the private key does not help if DHE or ECDHE key exchange is used which is the recommended way today. But in your specific pcap this does not seem to be the case (no ServerKeyExchange message).

I tried logging the SSL keys using the variable SSLKEYLOGFILE but the communication does not seem to be happening directly with the browser, instead via some Java applet embedded in the browser. Even if I can get the applet to dump the keys, I should be on my way. However, I have no idea about how to go about it.

If the application provides a way to dump keys fully depends on the application. Even SSLKEYLOGFILE can only be used with older versions of Chrome and Firefox or with current versions of Firefox but in debug builds only, see Chrome not Firefox are not dumping to SSLKEYLOGFILE variable. For Java application it seems to be possible to extract the keys if the code is compiled with some special library - see jSSLKeyLog - Java Agent Library to log SSL session keys to a file for Wireshark for details. For more information see Using the (Pre)-Master-Secret at the Wireshark Wiki.

Steffen Ullrich
  • 190,458
  • 29
  • 381
  • 434
  • The symmetric key used in the TLS session might still be in memory as long as the session is not terminated. Is it possible to take memory dump only of that application and look for the hexadecimal key? – defalt Dec 16 '17 at 04:44
  • There is no such thing as a "hexadecimal" key. [Hexadecimal](https://en.wikipedia.org/wiki/Hexadecimal) is just a string representation of binary data. And yes, with enough knowledge of the internal structures one should be able to extract the key from the memory of the application as long as the TLS session is still active. See for example [Extract pre-master keys from an OpenSSL application](https://security.stackexchange.com/questions/80158/extract-pre-master-keys-from-an-openssl-application). – Steffen Ullrich Dec 16 '17 at 04:53
  • 2
    `If you don't own the server you are hopefully not able to get the private key.` Tell that to a pentester. – forest Dec 16 '17 at 04:56