Wireshark-users: [Wireshark-users] yet another failure to decrypt (tunneled) SSL traffic

From: rouli <rouli.net@xxxxxxxxx>
Date: Thu, 23 Jun 2011 19:27:34 +0300
Hi folks,
Searching in the archives I saw that many have encountered similar problems, but yet I wasn't able to find a resolution.
In the attached file you can find a pcap containing tunneled ssl traffic over http (over port 8888), the private encryption key and the full ssl debug log file. Wireshark just fails to decrypt any of the application blocks, but maybe I'm missing something. In the configuration I have added 8888 as an http port, and "10.0.0.52,8888,http,c:\temp\charles.key" under ssl.
In the ssl debug log I get the following interesting errors: 

ssl_generate_keyring_material not enough data to generate key (0x17 required 0x37 or 0x57)
dissect_ssl3_hnd_srv_hello can't generate keyring material

ssl_decrypt_pre_master_secret:RSA_private_decrypt
pcry_private_decrypt: decrypted data is too long ?!? (256 max 128)
ssl_decrypt_pre_master_secret wrong pre_master_secret length (0, expected 48)
dissect_ssl3_handshake can't decrypt pre master secret


If anyone could crack the code, s/he would not only have my eternal gratitude but would also be able to see my encrypted data (* that may or may not be interesting and useful for evil purposes).

Thanks,
-r

Attachment: charles.zip
Description: Zip archive