CODEWITHSUNDEEP
pythonsslhttpsutf-8scapy
Eyni Kave
Eyni Kave

Reputation: 1530

Decrypt SSL/TLS with specific Private Key via SCAPY

I want to decrypt HTTPS traffic for my domain on my server with scapy.

Then I have the original international registered certificate (TLS1.3) files for my domain...

And it must be so much easy to do this with scapy BUT I can not find any solution anywhere and this is so crazy.

For example I was try these solutions, but they not working with no bug and crash :

Finaly I was writting a sample code BUT it raising below error and I try too much to fix it but cant understand the problem and clear solution:

value Error: ciphertext length must be equal to key size

import os, sys
import ssl
from scapy import *
from scapy.all import *
from scapy.layers import *
from scapy.layers.tls import *
from scapy.layers import inet
from scapy.layers.inet import *
import socket, select
import binascii
import io
from io import StringIO

load_layer("tls")
c = Cert("SSL/STAR_mydomain_com.crt")
k=PrivKey("SSL/private.key")

########### Unit-Test Encrypt/Decrypt Run OK ########### 
#M = bytes("message to be encrypted".encode())
#enc = c.encrypt(M, t='oaep')
#print(enc)
#dec = k.decrypt(enc, t='oaep')
#print(dec)

while True:
    s = sniff(filter="port 443", count=10)
    ch_list = [p for p in s]
    if len(ch_list)>0:
        for pkt in ch_list:
            p_layer = pkt.getlayer('IP')
            src = p_layer.src
            dst = p_layer.dst
            if (src=='my-server-ip') or (dst=='my-server-ip'):
                if ('TLSEncryptedContent' in str(type(pkt['TCP'].payload))):
                    
                    ########### any 3 below commands go in same error ############## 
                    ########### and i was try 'pss' instead of 'oaep' but same error 
                    
                    dec2 = k.decrypt(pkt['TCP'].payload, t='oaep')
                    #dec2 = k.decrypt(bytes(pkt['TCP'].payload), t='oaep')
                    #dec2 = k.decrypt(bytes(pkt['TCP'].payload).decode('UTF8', 'replace'), t='oaep')
                    
                    print(dec2)
                
    else:
        print('...passed')

If you have any solution then please share it and I will test and share the result with no negative score.

NOTE: I don't need Philosophy, I have so many reference about that, I know so many developers say that this is impossible and make their Philosophy logics for it. please and please if you have the answer then share the code snippet references, if not leave it, because some groups solve this but they don't share their solutions. Tanx.

example Groups That SOLVE this but not share their code: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/decryption/decryption-concepts/tlsv13-ssl-decryption-support.html

Then this is possible but who knows the codes?

Upvotes: 2

Views: 2648

Answers (1)

David Oldford
David Oldford

Reputation: 1175

What you are trying to do is not going to work. SSL/TLS certificates are only used for authentication in TLS 1.3 and in lower versions unless you configure the server to only support RSA key exchange your server is going to pick Diffie Hellman. If the client and server negotiate the use of Diffie Hellman (which again is mandatory for TLS 1.3,) then you can not decrypt data connections with the cert and the private key for the server even if you work through the issues you have in your code.

If you were to downgrade the version of TLS and configure the server to use RSA and browsers were willing to play ball by accepting the use of RSA then in theory what you want to do can be done but you're nowhere near the code you'd need. You seem to just be naively trying to decrypt all TLS/SSL packets with the private key for your server. This is not even close to what would work. You'd need to assemble the streams and identify the session key portion of the key exchange and decrypt that with the private key then use that to decrypt the rest of the data in the stream. As part of that you have to identify and track different streams (ie associate packets to them). This approach is a lot of work and frankly makes no sense.

Better approaches would be:

  • Use a proxy like relayd or sslstrip that will act as the web server strip off the encryption and then forward unencrypted traffic between itself and your web server (you can just view this traffic)
  • (still kinda crazy) modify the source to your web server to log all of it's traffic somewhere you can get it after the traffic has been decrypted.

Upvotes: 1

Related Questions