SSH Diffie-Hellman exchange Decryptor tool

[uss.thebug at gmail.com (Ulisses Castro)]

Sorry... this "portugese mail" is supposed to be in pvt! To Danilo. =\

Btw, translated version:
A long time ago I saw one guy that talks on DebConf (Argentina) and show a
little trick on Wireshark to made what do you want.

My two cents,

Ulisses

On Wed, May 19, 2010 at 3:39 PM, Ulisses Castro <uss.thebug at gmail.com>wrote:

> Opa! E ae Danilo beleza?
>
> Ent?o h? um temp?o atraz vi uma apresenta??o na Debconf que rolou na
> argentina e o cara que apresentou a falha das chaves de SSH na ?poca
> utilizou o Wireshark para descriptografar o tr?fego "on the fly"... muito
> interessante, nunca fiz nenhum POC relacionado mas fica ae a dica que talvez
> possa te ajudar.
>
> Grande abra?o,
>
> Ulisses
>
>
> On Wed, May 19, 2010 at 2:22 PM, Danilo Nascimento <
> danilonc at bugnotfound.com> wrote:
>
> > Hi Guys!
> >
> > Do you know any tool that can decrypt an SSH traffic that was
> > authenticated via Public-Key?
> > I have both Server private key and User private key, but i can't
> > figure out how i can extract the DH Key and then get the clear ssh
> > session.
> >
> > I've already tried the ssh_decoder (http://www.cr0.org/progs/sshfun/)
> > but there is no option to provide the certificates, it tries
> > brute-forcing the debian vulnerable keys (CVE-2008-0166)
> >
> > Thanks,
> > Danilo Nascimento
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
>
> --
> Ulisses Castro



-- 
Ulisses Castro, CEH, LPIC-2
Security Researcher
Blog: http://ulissescastro.com
Twitter: http://twitter.com/usscastro
Conviso IT Security - http://www.conviso.com.br
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100519/09e2edc6/attachment.htm