5
votes

Using Fiddler causes some of the applications to stop working correctly on my Windows machine. I want to use Wireshark to decrypt all SSL traffic between my Tomcat and a remote server. All traffic is HTTPS.

I was able to set the environment variable SSLKEYLOGFILE and decrypt all SSL traffic generated by the browser. But that does not work for service-to-service calls. Having access to the private key of Tomcat does not help anymore because of something called forward secrecy (I don't know much about that). From what I read, having access to the session key is the easiest way to decrypt in Wireshark.

So my problem can be solved if someone can answer any one of the following questions.

1. Is there a way to get Tomcat 8 to spit out session keys to a file so that Wireshark can use it to decrypt SSL traffic? I am using Java 8.

2. Is there a tool that does not redirect traffic through a proxy, but is able to decrypt SSL traffic out of my machine?

2
What cipher suite is being used? Can you limit the cipher suites being used? Finally, do you have access to the server's private key? – Christopher Schultz
I have access to Tomcat's private key. I can limit the cipher suites on the machine that has the Tomcat running. – developer747

2 Answers

5
votes

You can extract the keys needed by Wireshark from any Java application using the extract-ssl-secrets tool.

  • Download the jar locally from https://repo1.maven.org/maven2/name/neykov/extract-ssl-secrets/1.0.0/extract-ssl-secrets-1.0.0.jar. Make sure you keep the file name the same - extract-ssl-secrets-1.0.0.jar.
  • Add CATALINA_OPTS="${CATALINA_OPTS} -javaagent:<absolute path to>/extract-ssl-secrets-1.0.0.jar=/tmp/secrets.log" to CATALINA_BASE/bin/setenv.sh (create it if missing)
  • Start Wireshark with wireshark -o ssl.keylog_file:/tmp/secrets.log
  • Start capturing the traffic - it should be decrypted on-the-fly

See troubleshooting section if it doesn't work right out of the box.
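When decryption does not start, one thing to check is whether the secrets file holds well-formed entries for the captured sessions. The following is an added example, not part of the answer or of the extract-ssl-secrets project; it assumes the file follows the NSS key log format that Wireshark reads, and `check_keylog` and the sample data are constructed for illustration.

```python
import re

# label -> (identifier length, allowed secret lengths), all in bytes.
# Assumption: the file uses the NSS key log format that Wireshark reads.
LABELS = {
    "RSA": (8, (48,)),                # first 8 bytes of encrypted pre-master
    "CLIENT_RANDOM": (32, (48,)),     # TLS <= 1.2 master secret
    "CLIENT_EARLY_TRAFFIC_SECRET": (32, (32, 48)),
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET": (32, (32, 48)),
    "SERVER_HANDSHAKE_TRAFFIC_SECRET": (32, (32, 48)),
    "CLIENT_TRAFFIC_SECRET_0": (32, (32, 48)),
    "SERVER_TRAFFIC_SECRET_0": (32, (32, 48)),
    "EXPORTER_SECRET": (32, (32, 48)),
}
HEX = re.compile(r"(?:[0-9a-fA-F]{2})+")

def hex_len(s):
    """Length in bytes of a hex string, or None if it is not valid hex."""
    return len(s) // 2 if HEX.fullmatch(s) else None

def check_keylog(text):
    """Return (sessions, problems): usable identifiers mapped to their
    labels, and (line_number, reason) for every malformed line."""
    sessions, problems = {}, []
    for n, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue                  # blank line or comment
        if len(parts) != 3:
            problems.append((n, "expected 3 fields"))
        elif parts[0] not in LABELS:
            problems.append((n, "unknown label"))
        else:
            label, ident, secret = parts
            id_len, secret_lens = LABELS[label]
            if hex_len(ident) != id_len:
                problems.append((n, "bad identifier"))
            elif hex_len(secret) not in secret_lens:
                problems.append((n, "bad secret"))
            else:
                sessions.setdefault(ident.lower(), set()).add(label)
    return sessions, problems

# Constructed sample, not real key material.
SAMPLE = "\n".join([
    "# constructed sample",
    "CLIENT_RANDOM " + "ab" * 32 + " " + "cd" * 48,
    "CLIENT_RANDOM " + "ab" * 30 + " " + "cd" * 48,   # truncated random
    "CLIENT_RANDOM " + "ef" * 32 + " " + "zz" * 48,   # secret is not hex
    "SERVER_TRAFFIC_SECRET_0 " + "12" * 32 + " " + "34" * 32,
    "MASTER_KEY " + "12" * 32 + " " + "34" * 48,      # unknown label
])
```

The identifiers returned in `sessions` can be compared with the Random field of the Client Hello messages in the capture. The secrets file decrypts any recorded copy of those sessions, so keep it readable only by the capturing user and delete it after debugging.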

2
votes

You can do this if you have:

  1. The server's private key (RSA only)
  2. The ability to limit the cipher suites used for the TLS handshake

Steps:

  1. Grab the server's private key and give it to Wireshark.
    1. Go to Wireshark's preferences | Protocols | SSL
    2. Click "Edit..." next to "RSA keys list"
    3. Add your RSA private key to the list of keys available to Wireshark
  2. Configure your client to limit the TLS cipher suites so that no ECDHE or DHE cipher suites are available. Examples of acceptable cipher suites are SSL_RSA_WITH_3DES_EDE_CBC_SHA or TLS_RSA_WITH_AES_128_CBC_SHA256.

The reason you have to limit the cipher suites is that these days, TLS will use an ephemeral key exchange algorithm (DHE!). This is what makes Perfect Forward Secrecy (PFS) work. You have to break the PFS so that the compromised RSA key (you have "compromised" it by listening in with Wireshark) can be used to sniff the conversation.

The good news is that you don't have to mess around with tricking the client or server to drop the ephemeral key somewhere like you did with your web browser. The bad news is that you have had to expose your server key to another host (your workstation where Wireshark is running) and you had to degrade your conversation's security. But this is only for testing, right? ;)