irontec / sngrep

Ncurses SIP Messages flow viewer
GNU General Public License v3.0

TLS capture using eBpf #447

Open os11k opened 1 year ago

os11k commented 1 year ago

Hi,

This is more a feature request. eBPF allows capturing TLS packets. It would be fantastic if sngrep could use it and capture TLS without the need for recompiling and a cert. :)

Thank you!

Kaian commented 1 year ago

Hi @os11k

Can you point me to some project or sample code of TLS decrypting using eBPF?

Thanks!!

os11k commented 1 year ago

Hi @Kaian !

I was able to read TLS SIP packets by running pre-compiled code from this package:

https://github.com/gojue/ecapture

Additionally, QXIP SIPCAPTURE has this project; I never tried it though:

https://github.com/sipcapture/rtcagent

Thank you!

sergey-safarov commented 4 days ago

I agree this would be a good feature for viewing signaling. The reason is that this mode can capture TLS traffic on the server at any time and does not require decrypting the whole TLS connection. But it also has disadvantages, requiring the construction of network packets to save SIP messages.
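The disadvantage raised in the last comment, that plaintext captured before encryption has to be wrapped in network packets before it can be stored or fed to a pcap-based viewer, is illustrated by the following added example. It is not code from this thread, from sngrep or from ecapture/rtcagent: a pure-Python builder that takes a SIP message (a constructed sample standing in for what an eBPF probe on the TLS library would hand back) and wraps it in synthetic Ethernet/IPv4/TCP headers, then emits a classic pcap. The IP addresses, ports, zeroed MAC addresses and timestamp are assumptions; the TCP checksum is left at zero, which analysis tools accept but mark as bad.

```python
import socket
import struct

# Constructed sample: a SIP request as a TLS-library probe would return it
# in cleartext, before encryption (not a real capture).
SIP_MESSAGE = (
    b"OPTIONS sip:pbx.example.invalid SIP/2.0\r\n"
    b"Via: SIP/2.0/TLS 192.0.2.10:5061;branch=z9hG4bKexample\r\n"
    b"From: <sip:monitor@192.0.2.10>;tag=1234\r\n"
    b"To: <sip:pbx.example.invalid>\r\n"
    b"Call-ID: example-call-id@192.0.2.10\r\n"
    b"CSeq: 1 OPTIONS\r\n"
    b"Content-Length: 0\r\n\r\n"
)

PCAP_MAGIC = 0xA1B2C3D4      # classic pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1


def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum; a valid header checksums to 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(payload: bytes, src_ip: str, dst_ip: str,
                src_port: int, dst_port: int, seq: int = 1) -> bytes:
    """Wrap cleartext in synthetic Ethernet/IPv4/TCP headers.

    Addresses and ports are whatever the probe reported for the socket;
    here they are assumed values supplied by the caller.
    """
    # Ethernet: zeroed MACs (unknown to a uprobe), EtherType IPv4.
    eth = b"\x00" * 6 + b"\x00" * 6 + b"\x08\x00"
    # TCP: data offset 5 words, flags PSH|ACK, checksum left zero.
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0,
                      5 << 4, 0x18, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    # IPv4: version/IHL 0x45, DF set, TTL 64, protocol TCP, checksum 0 first.
    ip_no_csum = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0x4000,
                             64, 6, 0, socket.inet_aton(src_ip),
                             socket.inet_aton(dst_ip))
    csum = ip_checksum(ip_no_csum)
    ip = ip_no_csum[:10] + struct.pack("!H", csum) + ip_no_csum[12:]
    return eth + ip + tcp + payload


def extract_sip_payload(frame: bytes) -> bytes:
    """Walk the synthetic headers back to the payload and verify them."""
    if frame[12:14] != b"\x08\x00":
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4
    if ip_checksum(frame[14:14 + ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    tcp_start = 14 + ihl
    data_off = (frame[tcp_start + 12] >> 4) * 4
    return frame[tcp_start + data_off:]


def pcap_global_header() -> bytes:
    return struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535,
                       LINKTYPE_ETHERNET)


def pcap_record(frame: bytes, ts: float) -> bytes:
    ts_sec = int(ts)
    ts_usec = int(round((ts - ts_sec) * 1_000_000))
    return struct.pack("<IIII", ts_sec, ts_usec, len(frame), len(frame)) + frame


def build_pcap(frames) -> bytes:
    """frames: iterable of (timestamp, frame) pairs -> complete pcap bytes."""
    return pcap_global_header() + b"".join(pcap_record(f, ts) for ts, f in frames)


if __name__ == "__main__":
    frame = build_frame(SIP_MESSAGE, "192.0.2.10", "192.0.2.20", 5061, 5061)
    with open("sip_cleartext.pcap", "wb") as fh:  # assumed output path
        fh.write(build_pcap([(1700000000.5, frame)]))
    print("wrote %d-byte frame" % len(frame))
```

The point of the round trip through `extract_sip_payload` is that anything consuming the file (sngrep included) will parse the fabricated headers, so their lengths and the IPv4 checksum must be right even though the "packet" never existed on the wire. Sequence numbers are the other field a real implementation would have to synthesise: without a consistent per-connection counter, reassembly of multi-segment messages breaks.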