Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to reach used cipher key of current SSL connection under Firefox?

Tags:

ssl

firefox

firefox-addon

I would like have one quick question. Is there any addon for Firefox or tool how to get session key generated from master secret during SSL handshake by which is encoded symmetrically whole client/server communication? I need it due to decoding of communication (POST/GET/etc..) via Wireshark or PCAP library. As I can see Firebug is showing decrypted communication so I hope there exist some proper ways how to reach this session key :)

Thank you all for a help.

like image 920
ITman Avatar asked Feb 11 '12 20:02

ITman

2 Answers

I have good news for you. You can actually get the Master-Key data that you need from both Firefox and Chrome. And you can use the output file in Wireshark to decrypt the SSL/TLS traffic without the need for the private key from the SSL/TLS server. Check out "Method 2" here: http://www.root9.net/2012/11/ssl-decryption-with-wireshark-private.html

As a tip, if you don't want to reboot your machine just open a command prompt and run:

set SSLKEYLOGFILE=c:\sslKeyLogFile.txt

"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

Since Firefox is being launched from the same session that you added the environment variable in, it will launch with that variable set. Otherwise a restart of Windows will be required after setting it in the System settings dialogs.

I also want to point out that the answer from Chris wasn't necessarily wrong, this is a fairly new feature. It didn't make it into release until Wireshark 1.6.

like image 70
hawkbat05 Avatar answered Oct 05 '22 11:10

hawkbat05

If you want to use Wireshark then the pre master secret will be of no use for you (you refer to it as 'cipher key' in your question).

Wireshark can only decrypt traffic if you specify the RSA private key of the server, which doesn't change on every connection unlike the pre master secret. However, you can't get that through your browser or anything else for obvious reasons.

If you want to decrypt SSL traffic I suggest using an intermediate proxy instead, like Fiddler. It does not passively capture traffic but proxies the traffic, which enables it to actually decrypt the data sent and received.

like image 36
Chris Avatar answered Oct 05 '22 09:10

Chris
Sign in to Comment

Related questions

Javascript Speed - Chrome v Firefox
How to get the coordinates of the end of selected text with javascript?
Cancel an HTTP GET request from Firefox Extension
Downloading files with a Firefox addon
Styling of disabled input elements - discrepancy between Chrome and Firefox
Most efficient way to add remove classes with JavaScript
Example Maven pom.xml for Java based Selenium WebDriver project for Firefox
Firefox is not adhering to the 'disabled' attribute for rel=stylesheet links
Selenium::WebDriver::Error::UnhandledAlertError) after dismissing the alert
alert() and console.log() not working in Firefox 26
get margin-left using jquery not working in firefox
Firefox animation not starting on toggle display style
How to make permanent changes to a website's CSS from within the browser?
how to set equal font size in table cells for mobile device html pages
Vertical scroll rendering issue in Flexbox in Firefox [duplicate]
Display Issues with Roboto Font from Materialize in Firefox
How to see generated source on firefox quantum?
Button background color is not showing on edge, but working on Firefox and Chrome
How do I stop Firefox from forcing https:// on local development server?
browser.tabs is undefined in firefox extension

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!