Wireshark-users: Re: [Wireshark-users] wireshark ssl decryption for dummies
From: "authesserre samuel" <[email protected]>
Date: Wed, 13 Sep 2006 10:35:39 +0200
Hi,

The first part of the log file say : the key is correctly registred
for this port (127.0.0.1:3700 associated with server.key)
but the second part of the log file show that youre trying to decrypt
data on 11.38.144.142:3700 this can't work

try to replace 127.0.0.1 by the IP address of youre server (11.38.144.142 ?)

regards,

Samuel

On 9/13/06, Andrew Schweitzer <[email protected]> wrote:
ronnie sahlberg wrote:
> can you try to put the key file in the same directory as the trace
> and specify the key file without a path :
> 127.0.0.1 <http://127.0.0.1/>,3700,data,server.key
>
log file says:

association_remove_handle removing ptr 0496FED0 handle 0293D878
association_remove_handle removing ptr 04970368 handle 0293A138
association_remove_handle removing ptr 0496C350 handle 02920F88
association_remove_handle removing ptr 04970380 handle 02A78A40
ssl_init keys string 127.0.0.1,3700,data,e:\ethercap\server.key
ssl_init found host entry 127.0.0.1,3700,data,e:\ethercap\server.key
ssl_init addr 127.0.0.1 port 3700 filename e:\ethercap\server.key
ssl_get_version: 1.5.0
ssl_init private key file e:\ethercap\server.key successfully loaded
association_add port 3700 protocol data handle 02758DD0
association_add port 443 protocol http handle 0293D878
association_add port 636 protocol ldap handle 0293A138
association_add port 993 protocol imap handle 02920F88
association_add port 995 protocol pop handle 02A78A40
ssl_session_init: initializing ptr 04F63300 size 568
association_find: port 3700 found 04B262B0
packet_from_server: is from server 1
dissect_ssl server 11.38.144.142:3700
dissect_ssl can't find private key for this server!
dissect_ssl3_record: content_type 23
association_find: port 3700 found 04B262B0
dissect_ssl3_record: content_type 23
association_find: port 3700 found 04B262B0
ssl_session_init: initializing ptr 04F61978 size 568
association_find: port 1032 found 00000000
packet_from_server: is from server 0
dissect_ssl server 11.38.144.142:3700
dissect_ssl can't find private key for this server!
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 1 offset 5 lenght 43 bytes,
remaning 52
dissect_ssl3_record: content_type 22
dissect_ssl3_handshake iteration 1 type 2 offset 5 lenght 70 bytes,
remaning 79
dissect_ssl3_record: content_type 22

_______________________________________________
Wireshark-users mailing list
[email protected]
http://www.wireshark.org/mailman/listinfo/wireshark-users


--
Authesserre Samuel
12 rue de la défense passive
14000 CAEN
FRANCE
06-27-28-13-32
[email protected]