ssldump | ssldump - ( de-facto repository gathering patches | TLS library
kandi X-RAY | ssldump Summary
kandi X-RAY | ssldump Summary
This repository is composed of the original SSLDUMP 0.9b3 + a myriad of patches (from Debian and other distributions) + contributions via PR. ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. It also includes a JSON output option, supports JA3 and IPv6.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of ssldump
ssldump Key Features
ssldump Examples and Code Snippets
Community Discussions
Trending Discussions on ssldump
QUESTION
I'm writing a little code in python3 using the requests module. I send https requests to a server but i need to dump the exechanges beetwin the server and my client.
I know how dump the ssl key with firefox and use it to decrypt the data with whireshark but how can do the same with a python program ?
I need a thirth program like ssldump for exemple or i can do it in the python code ?
...ANSWER
Answered 2019-Sep-26 at 07:52You will need to use a TLS proxy if you wanna decrypt HTTPS traffic from a client that cannot export an SSLKEYLOGFILE. We have a free tool called PolarProxy, which acts as a transparent proxy end dumps the decrypted traffic as plain HTTP to a PCAP file that you can open in Wireshark.
QUESTION
MySQL 5.7 Ubuntu 16.04 on AWS EC2
I've got replication set up over ssl using self-signed certificates. I am able to connect to the master from the slave using the mysql client with ssl-mode=VERIFY_IDENTITY. The replication is also working over ssl until I try and enable MASTER_SSL_VERIFY_SERVER_CERT to enable host name verification.
With that enabled the slave is no longer able to authenticate with the master and received io error 2026, which is just a generic ssl connection failed error. The logs are not any more helpful nor is ssldump which just shows the connection being aborted before the handshake even starts.
According to the docs:
To activate host name identity verification, add the MASTER_SSL_VERIFY_SERVER_CERT option.
and
For a replication connection, specifying MASTER_SSL_VERIFY_SERVER_CERT=1 corresponds to setting --ssl-mode=VERIFY_IDENTITY
But also
Host name identity verification does not work with self-signed certificates.
https://dev.mysql.com/doc/refman/5.7/en/replication-solutions-encrypted-connections.html
So how can I enable host name verification during replication with self-signed certificates? The docs seem to indicate it is impossible, but then why am I able to connect via the client with ssl-mode=VERIFY_IDENTITY?
Thank you.
...ANSWER
Answered 2018-Nov-09 at 21:02The solution was to add MASTER_SSL_CA, MASTER_SSL_CERT, and MASTER_SSL_KEY to my CHANGE MASTER TO statement to manually point to the ca, cert, and key rather an trusting mysql to read them from the config.
As far as I can tell this means the mysql docs are wrong.
They state that the paths can be set in the [client] section of my.cnf, but this is clearly not the case, at least for me. For whatever reason the [client] section does appear to be used by the mysql client, but is ignored for replication.
I believe I was also misunderstanding self-signed certificates. MASTER_SSL_VERIFY_SERVER_CERT does work because I don't actually have self-signed certs, I have certs signed by my own CA. The CA cert itself is self-signed but that's different from the master/slave certs being self-signed it seems.
And finally, I was absolutely misunderstanding the purpose of MASTER_SSL_VERIFY_SERVER_CERT. It turns out I don't really need it at all because my personal CA only signs certs for this one domain anyway so there's nothing to be gained by checking that the common name of the server cert matches the requested domain. It always will. The verification would only be helpful when using a trusted certificate authority that signs certs for many domains. Then you would want to verify the certificate belongs to the domain you requested otherwise you would be vulnerable to man-in-the-middle attacks.
Hopefully that mess of info helps someone else.
QUESTION
I am using GRPC (Java client) to connect via SSL to a NodeJS server. The SSL context I am using is copied below. I tried running ssldump (on Mac El Capitan OS) to help debug. I get the following exception on the server when I try to connect and send a message to the server:
...ANSWER
Answered 2017-Mar-28 at 16:01I removed the 'usePlaintext(false)' statement which seemed to have been causing the issue.
QUESTION
I just installed ssldump on a mac computeg using brew. The installation process ran without reporting any issues (ssldump-0.9b3 already installed). However, when I try running ssldump from the same prompt or a new terminal window, the error message I get is:
...ANSWER
Answered 2017-Mar-13 at 15:08Simply using brew install ssldump did not work for me as ssldump was added in /usr/local/sbin (which was neither mentioned on /etc/paths nor in .bash_profile). I ended up adding /usr/local/sbin to the .bash_profile and used sourced the file to enable the change.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install ssldump
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
