Compiling SSLDump on F9
I was looking into CTF qualifications for 2006 and one of the tasks was to find a key in a dump of SSL protected traffic. Of course, SSL key was given, otherwise it would be quite hard task (unless, Debian is used :D)). Anyway, this seamed like a peace of cake so I decided to give it a try. First, I thought that using Wireshark I could decode this traffic but for some reason SSL analysis option was grey all the time, meaning it was useless. After a bit of googling for terms like ssl decode, ssl trace and similar, I managed to find a tool ssldump written by Eric Rescorla.
The problem with the given tool is that it's not maintained for several years and compiling was really painful. After an hour of googling and trying I finally managed to compile this tool on F9 x86-64 but running it gave no results except some silly error message about not able to register network handler. The point where this tool generated error was in registering SSL context but it blindly sets out of memory reason. The actual reason was wrong initialization of SSL library, which probably changed somewhat in this three year period.
Anyway, to cut this story short, here is a patch. It resolves several issues, apart from wrong OpenSSL initialization. You should download CVS version of the library, apply patch and then start configure like follows:
$ CFLAGS="-DLINUX -D_BSD_SOURCE" ./configure
I think that "-DLINUX" is necessary on 64-bit Fedora, otherwise configure can not determine that it's linux it is running on. The other define is necessary to include BSD compatible header files which are assumed by the source.
During both configuration and compilation phases there are several warnings, but none of them fatal, at least I think so. Running this tool on trace provided as a part of qualification tasks yields the following output:
$ ssldump -n -d -r dump.pcap -k kcert.pem
New TCP connection #1: 127.0.0.1(50000) <-> 127.0.0.1(4433)
1 1 0.0010 (0.0010) C>S SSLv2 compatible client hello
Version 3.1
cipher suites
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
SSL2_CK_3DES
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_IDEA_CBC_SHA
SSL2_CK_IDEA
SSL2_CK_RC2
TLS_DHE_DSS_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
SSL2_CK_RC4
SSL2_CK_RC464
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_DSS_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
SSL2_CK_DES
TLS_DHE_DSS_WITH_RC2_56_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_MD5
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
SSL2_CK_RC2_EXPORT40
TLS_RSA_EXPORT_WITH_RC4_40_MD5
SSL2_CK_RC4_EXPORT40
1 2 0.0045 (0.0035) S>C Handshake
ServerHello
Version 3.1
session_id[32]=
98 0e 3b c2 54 ae 71 b9 92 31 34 64 cf 2c ec 5b
42 eb 9d af 9f 5d ea c8 68 20 b1 8d fa d1 33 a2
cipherSuite TLS_RSA_WITH_AES_256_CBC_SHA
compressionMethod NULL
1 3 0.0045 (0.0000) S>C Handshake
Certificate
1 4 0.0045 (0.0000) S>C Handshake
ServerHelloDone
1 5 0.0092 (0.0047) C>S Handshake
ClientKeyExchange
1 6 0.0092 (0.0000) C>S ChangeCipherSpec
1 7 0.0092 (0.0000) C>S Handshake
Finished
1 8 0.0207 (0.0114) S>C ChangeCipherSpec
1 9 0.0207 (0.0000) S>C Handshake
Finished
1 10 8.4461 (8.4253) C>S application_data
---------------------------------------------------------------
---------------------------------------------------------------
1 11 8.4461 (0.0000) C>S application_data
---------------------------------------------------------------
The key is "Antiorgastic Steep"
---------------------------------------------------------------
1 12 9.8354 (1.3893) C>S Alert
level warning
value close_notify
1 9.8355 (0.0001) C>S TCP FIN
1 9.8576 (0.0220) S>C TCP FIN
Plain, nice and easy. :)