search

simsong / tcpflow

TCP/IP packet demultiplexer. Download from:
http://downloads.digitalcorpora.org/downloads/tcpflow/
GNU General Public License v3.0
1.7k stars 236 forks source link

Add SSL decryption #58

Open simsong opened 11 years ago

simsong commented 11 years ago

If you have the server's private key, it should be possible to decrypt...

simsong commented 10 years ago

This can be done using ssldump. It won't work for the new DH-based protocols that implement Perfect Forward Secrecy.

molnarg commented 10 years ago

I would be interested in using tcpflow with ssldump. Any idea how to make ssldump work with tcpflow's output files?

simsong commented 10 years ago

You would need to remove the code from ssldump and integrate it into tcpflow. It's a lot of work. You need to really understand C++.