How to decrypt ssl log Video

Get it off your chest – be the first to comment on this video!

Hacking and decrypting SSL and TLS traffic

Harrison: So Darren, last month, we demonstrated a man in the middle attack using Cain & Abel and are they real? Darren: Yes, but like we also said, you can always secure yourself by using something like Gmail which uses SSL. Harrison: Exactly right, so this month, we are going to take it a step further by doing a direct attack on the SSL protocol and show you have to decrypt SSLv3 and TLS Traffic. Darren: That sounds like a lot of fun but I cannot hack on an empty stomach. Let us go get a bite to eat and then you can show us how it is done. [Music Playing] Darren: Okay. We are back from lunch. Harrison thanks for coming back on the show. How are going to perform this attack, like what is involved? Harrison: Okay. Well first of all, we are going to use WAPix. I use WAPix version 2.7. Darren: And that is just like Knoppix This is the Linux live disc drill. Harrison: It is based on Knoppix. The author of the program basically is a security author then. He was doing a lot of their company and they said he had to use their computers and he could not install anything. So, how can you give anything done, right? So he said, “All right. Well, I will play by the rules and put all of my tools onto this one Knoppix CD and all my exploits. Basically boot off the CD and I got a portable hack toolkit.” Darren: Now that is not the only portable hack toolkit. There is Knoppix STD. Harrison: Yes, auditor. Darren: Phlak. What does Phlak stand for? Harrison: I have no idea. West: Professional Hackers Linux Assault Kit. Darren: Thank you West. Harrison: West, thank you. West: Welcome. Harrison: Okay, so there are a bunch of different toolkits. Darren: All right. So we are booted into WAPix, what is the first thing that we need to do? Harrison: Okay. Well, the first thing we are going to do is run a program fragrouter and this going to route the IP traffic so that once we perform a man in the middle attack, it is everything is falling in the right direction. Darren: Great! Okay, so once we have got that done, I just assume that we start the ARP. Harrison: Yes exactly. We are going to use—I opposed to key enable, we are going to use arpspoof. This is a command line tool and we just enter the target address who are going to arp and the gateway and that will position ourselves in between it. Darren: All right, now that is not all that is involve in the arp does in which the main line. Harrison: No, exactly since we are not can cable does it all automatically but since we use a variety of tools the next time we have to do is DNS spoof and that will complete the attack and it runs silently. Darren: Okay so once we have got Tina’s spoof we are pretty much sit between them, we can see everything that is going on. Harrison: Exactly. Darren: What do we need to get the SSL’s attack going on? Harrison: Well, this is the heart of the attack. What we going to do is use a tool called Web MITM, which stands for Man in the middle. To create a spoof certificate and it is going to set on the network and just listen and as soon as the user tries to attempts to go to a secure site that certificate is going to come to us and it is going to stop go no further and instead he uses can begin our fake certificate. Darren: Oh! So even fake stuff, good. Harrison: Exactly and then what we do is just pull up, are they real. Sit them the network and sniff up all the traffic and as soon as the user accepts the certificate. Enter its password we are going to see Web MITM. We are going to start a lot of activity as soon as that happens the next step is just stop the other wheel [Voice Overlap]. Darren: So we sniff up the traffic we have seen that they have gone to SSL site like Gmail now what do are we going to do, we have got encrypted packets. Harrison: Right, here is the key we can save that other wheel traffic and we use the tool code SSL. What that does is uses the combination of the encrypted SSL traffic that we sniff up plus the key pair. Darren: Because we created the certificate. Harrison: Exactly, we created the certificate so it is an

Featured Links:

Is SSL it Important? Selling Online Securely.

The question of what SSL is always comes up when you are selling online. It is usually followed by "Do I need it for my online store". In this article you will find out the answers to both your questions and more!

http://www.articlesbase.com/ecommerce-articles/is-ssl-it-important-selling-online-securely-23570.html/9461024403

Harrison: So Darren, last month, we demonstrated a man in the middle attack using Cain & Abel and are they real?

Darren: Yes, but like we also said, you can always secure yourself by using something like Gmail which uses SSL.

Harrison: Exactly right, so this month, we are going to take it a step further by doing a direct attack on the SSL protocol and show you have to decrypt SSLv3 and TLS Traffic.

Darren: That sounds like a lot of fun but I cannot hack on an empty stomach. Let us go get a bite to eat and then you can show us how it is done.

[Music Playing]

Darren: Okay. We are back from lunch. Harrison thanks for coming back on the show. How are going to perform this attack, like what is involved?

Harrison: Okay. Well first of all, we are going to use WAPix. I use WAPix version 2.7.

Darren: And that is just like Knoppix This is the Linux live disc drill.

Harrison: It is based on Knoppix. The author of the program basically is a security author then. He was doing a lot of their company and they said he had to use their computers and he could not install anything. So, how can you give anything done, right? So he said, “All right. Well, I will play by the rules and put all of my tools onto this one Knoppix CD and all my exploits. Basically boot off the CD and I got a portable hack toolkit.”

Darren: Now that is not the only portable hack toolkit. There is Knoppix STD.

Harrison: Yes, auditor.

Darren: Phlak. What does Phlak stand for?

Harrison: I have no idea.

West: Professional Hackers Linux Assault Kit.

Darren: Thank you West.

Harrison: West, thank you.

West: Welcome.

Harrison: Okay, so there are a bunch of different toolkits.

Darren: All right. So we are booted into WAPix, what is the first thing that we need to do?

Harrison: Okay. Well, the first thing we are going to do is run a program fragrouter and this going to route the IP traffic so that once we perform a man in the middle attack, it is everything is falling in the right direction.

Darren: Great! Okay, so once we have got that done, I just assume that we start the ARP.

Harrison: Yes exactly. We are going to use—I opposed to key enable, we are going to use arpspoof. This is a command line tool and we just enter the target address who are going to arp and the gateway and that will position ourselves in between it.

Darren: All right, now that is not all that is involve in the arp does in which the main line.

Harrison: No, exactly since we are not can cable does it all automatically but since we use a variety of tools the next time we have to do is DNS spoof and that will complete the attack and it runs silently.

Darren: Okay so once we have got Tina’s spoof we are pretty much sit between them, we can see everything that is going on.

Harrison: Exactly.

Darren: What do we need to get the SSL’s attack going on?

Harrison: Well, this is the heart of the attack. What we going to do is use a tool called Web MITM, which stands for Man in the middle. To create a spoof certificate and it is going to set on the network and just listen and as soon as the user tries to attempts to go to a secure site that certificate is going to come to us and it is going to stop go no further and instead he uses can begin our fake certificate.

Darren: Oh! So even fake stuff, good.

Harrison: Exactly and then what we do is just pull up, are they real. Sit them the network and sniff up all the traffic and as soon as the user accepts the certificate. Enter its password we are going to see Web MITM. We are going to start a lot of activity as soon as that happens the next step is just stop the other wheel [Voice Overlap].

Darren: So we sniff up the traffic we have seen that they have gone to SSL site like Gmail now what do are we going to do, we have got encrypted packets.

Harrison: Right, here is the key we can save that other wheel traffic and we use the tool code SSL. What that does is uses the combination of the encrypted SSL traffic that we sniff up plus the key pair.

Darren: Because we created the certificate.

Harrison: Exactly, we created the certificate so it is an

Transcription by: Scribe4you Transcription Services

Hacking and decrypting SSL and TLS traffic

How to decrypt ssl log -

How to decrypt ssl log -