Decrypt HTTPS Traffic Using PMS Key
|
Applied version
*Take note of every syntax with (‘) single-quote or (“) double-quote characters, copy-paste might not work. |
Decrypt HTTPS traffic Using PMS Key
(1) Creating PMS (Pre-Master Secret) key log file
To decrypt and display application data, the ssldump utility will need:
(1.1) Creating PMS key using Ssldump and private key
The Caveats
Not all ciphers support the creation of PMS key via ssldump utility.
- Depending on the cipher negotiated, the ssldump utility may not be able to derive enough information from the SSL handshake and the server’s private key to decrypt the application data.
- Examples of such SSL ciphers would be the DHE (Diffie-Hellman Ephemeral) cipher suites and export-grade RSA cipher suites.
- For troubleshooting purpose, you can temporarily change the cipher suite used in your SSL profile so traffic can be decrypted with ssldump.
- Example of decryptable cipher string: NONE:AES128-SHA.
One of the most common reasons an ssldump may not able to create PMS key, is if the data is contained within a resumed TLS session.
- Public key operations are expensive in terms of processing power during the initial setup and key exchange.
- TLS specifications allow a secure shortcut by using the session_id to resume an SSL connection for which the key exchange was already performed.
- In situations where the SSL communication is using a resumed session, ssldump will not be able decrypt the application data unless the capture file contains the initial handshake containing the asymmetric key exchange and session_id.
- The ssldump utility relies on the information that is exchanged during the initial session setup to decrypt the data.
- To avoid this situation, you can use one of the following methods:
- Temporarily disable the SSL session cache in the Client SSL profile by disabling the Renegotiation option.
- Disabling the SSL session cache causes the BIG-IP system to perform a full SSL handshake for each connection.
The Syntax
[root@ltm101:Active:Standalone] config # ssldump -Aed -nr /var/tmp/decrypt-ssl-asymmetric-key.pcap -k /config/filestore/files_d/Common_d/certificate_key_d/\:Common\:default.key_29915_1 -M /var/tmp/decrypt-ssl-asymmetric-key.pms
(1.2) Creating PMS key using iRule
To decrypt application data for a virtual server, from BIG-IP 11.6.0, you can use an iRule to get a premaster key for the DHE/ECDHE cipher suite.
1.2.1 Verify SSL session cache status
- Local Traffic > Profiles > SSL > Client | Server
- Click the name of the SSL profile.
- Set the Configuration view to Advanced.
- Check the Cache Size setting
- If non-zero value: SSL session cache enabled
- If zero: SSL session cache disabled
1.2.2-a For SSL session cache enabled
iRule “Decrypt_session”
| when CLIENTSSL_HANDSHAKE { # Check if client IP is <client_IP_addr>, in any route domain if { [IP::addr [getfield [IP::client_addr] “%” 1] equals <client_IP_addr>] } { log local0. “[TCP::client_port] :: RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]” } } |
info tmm1[19365]: Rule /Common/Decrypt_session <CLIENTSSL_HANDSHAKE>: 50194 :: RSA Session-ID:2b14674(…) Master-Key:7bfcb9(…)
PMS key file “decrypt-ssl-symmetric-key-cache.pms”
RSA Session-ID:<session_id> Master-Key:<master_key>
- You can manually copy, paste, edit from /var/log/ltm
- Or use sed syntax, sed -e ‘s/^.*\(RSA Session-ID\)/\1/;tx;d;:x’ /var/log/ltm > /var/tmp/decrypt-ssl-symmetric-key-cache.pms
1.2.2-b For SSL session cache disabled Ver. 11.6.X
iRule “Decrypt_session”
| when CLIENTSSL_HANDSHAKE { # Check if client IP is <client_IP_addr>, in any route domain if { [IP::addr [getfield [IP::client_addr] “%” 1] equals <client_IP_addr>] } { log local0. “[TCP::client_port] :: Master-Key:[SSL::sessionsecret]” } } |
info tmm1[5394]: Rule /Common/Decrypt_session <CLIENTSSL_HANDSHAKE>: 59159 :: Master-Key:9608b87(…)
PMS key file “decrypt-ssl-symmetric-key-nocache.pms”
CLIENT_RANDOM <random_byte_string> <master_key_string>
- <random_byte_string>
- Check the client source port of the traffic which you like to decrypt, for example: 59159
- Filter Wireshark to locate the Client Hello SSL message with random byte string, filter: tcp.port==59159 and ssl.handshake.random
- Right-click the random byte string, and click Copy > …as a Hex Stream.
- Random: 5b57526(…)
- <master_key_string>
- Search and locate the master key string using the client source port (59159)
- Master-Key:9608b87(…)
- Manually create the “decrypt-ssl-symmetric-key-nocache.pms” file and fill the neccesary entries
- CLIENT_RANDOM 5b57526(…) 9608b87(…)
(2) Examining the decrypted application data using the (symmetric) PMS key
To decrypt and display application data, the ssldump utility will need:
- PMS key log file
- Captured SSL traffic in pcap file, this needs to include the SSL handshake packets
(2.1) Decryption using Wireshark
Wireshark -> Preferences -> Protocols -> TLS -> (Pre)-Master-Secret log filename
- decrypt-ssl-asymmetric-key.pms
- decrypt-ssl-symmetric-key-cache.pms
- decrypt-ssl-symmetric-key-nocache.pms
- decrypt-ssl-asymmetric-key.pms (Figure 1)
- Wireshark preferences (Figure 2)
- Decrypted application data (Figure 3)
- decrypt-ssl-symmetric-key-cache.pms (Figure 4)
- Wireshark preferences (Figure 5)
- Decrypted application data (Figure 6)
- Cipher “TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256” (Figure 7)
- decrypt-ssl-symmetric-key-nocache.pms (Figure 9)
- Copy the client random string (Figure 8)
- Wireshark preferences (Figure 10)
- Decrypted application data (Figure 11)
0 Comments