Network Security: Detailed info on Re: Sniffing Encrypted Traffic (w/ keys)

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Re: Sniffing Encrypted Traffic (w/ keys)

from [Brad DeShong] Network Security

[Permanent Link]

Subject:	Re: Sniffing Encrypted Traffic (w/ keys)
Date:	Wed, 22 Jun 2005 23:03:24 -0500

Times Enemy wrote:

Greetings.

http://ettercap.sourceforge.net/

.te

During a recent assesment we compromised SSL keys for a webserver and
wanted to sniff the  "encrypted" traffic.  In theory this works, but
what tools exist to do this in practice?  I've seen Covelight's
Clearwatch on a Windows system, but we're working with a Linux system on
the inside.  Is a MITM necessary or can it be done by just looking at
the traffic after the fact (at least for the half of the connection we
have keys for?).

Thanks, Brad DeShong WestAnnex Security

Sure, I know I could do a MITM, but I want to decrypt all this traffic after the fact from pcap data and the retrieved keys. Does ettercap have this capability?

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Sniffing Encrypted Traffic (w/ keys), Brad DeShong Message not available Re: Sniffing Encrypted Traffic (w/ keys), Brad DeShong <= Message not available Re: Sniffing Encrypted Traffic (w/ keys), Ty Bodell

Previous by Date:	Sniffing Encrypted Traffic (w/ keys), Brad DeShong
Next by Date:	Re: CEH training, Gareth Davies
Previous by Thread:	Sniffing Encrypted Traffic (w/ keys), Brad DeShong
Next by Thread:	Re: Sniffing Encrypted Traffic (w/ keys), Ty Bodell
Indexes:	[Date] [Thread] [Top] [All Lists]