Wireshark mailing list archives
Re: Support for TLS1.2 decryption using derived keys
From: Peter Wu <peter () lekensteyn nl>
Date: Fri, 1 May 2020 22:24:16 +0200
On Fri, May 01, 2020 at 02:39:28PM +0300, webpentest wrote:
Hello Peter, On 01.05.2020 01:23, Peter Wu wrote:1. A generic way to export schannel key material in SSLKEYLOG-like format using elevated privilege and lsass.exe debugging / memory. Preferably - the data that wireshark supports already - master secret for tls <= 1.2 and the intermediate traffic secrets for tls 1.3That would be great :-)I wrote a script to do that and documented its usage on http://b.poc.fun/sslkeylog-for-schannel/. It is in now way generic (yet), but I successfully use in my research. Feel free to give it a go! The main problem really is to get crandom and correlate it with master key.
Thanks, right now I cannot test it but I'll keep this as reference! As for the linking with a session, if obtaining the Client Random is too complicated, but a ClientHello.SessionID is available, consider using the "RSA Session-ID:" format as done by the earlier SChannel work [1]. The various available mappings can be found in the source code, but they are also summarized at https://security.stackexchange.com/a/42350/2630 [1]: https://www.blackhat.com/docs/us-16/materials/us-16-Kambic-Cunning-With-CNG-Soliciting-Secrets-From-SChannel.pdf Since it relies on undocumented structures, maybe you could make an automated test that you run with GitHub Actions to check whether it keeps working? That can act as usage documentation as well. (Aside: maybe you can slap a Let's Encrypt certificate on your domain and make it available over HTTPS?)
It is currently win-10 only, TLS1.2-only, does not work with resumed TLS sessions and poorly handles simultaneous connects.
With TLS 1.2, it resumes with the same master secret. So as long as you have extracted the master secret from previous sessions, you should be able to use the same master secret if you combine it with the Client Random from the second session. -- Kind regards, Peter Wu https://lekensteyn.nl ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: Support for TLS1.2 decryption using derived keys webpentest (May 01)
- Re: Support for TLS1.2 decryption using derived keys Peter Wu (May 01)
- Re: Support for TLS1.2 decryption using derived keys webpentest (May 01)
- Re: Support for TLS1.2 decryption using derived keys Peter Wu (May 01)
- Re: Support for TLS1.2 decryption using derived keys webpentest (May 01)
- Re: Support for TLS1.2 decryption using derived keys Peter Wu (May 01)