Penetration Testing mailing list archives
Re: OpenVPN traffic
From: lorddoskias <lorddoskias () gmail com>
Date: Tue, 15 Dec 2009 18:19:59 +0000
David Howe wrote:
Openvpn uses TLS for encryption so anything that can break TLS session can break the openvpn encryption scheme - it's more likely for you to be able to do a mitm where you forge certificates so that you can read the traffic and redirect it. Google for SSL mitm.Hi all, Does anyone know of anything that can decrypt, analyse, decapsulate or explain traffic captured from an OpenVPN session? there is no Wireshark dissector, nor can I find anything to de-encapsulate the real traffic even if the secret key / shared secret is known. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Pentest Cisco Paulo Ribeiro (Dec 08)
- Re: Pentest Cisco Daniel Hood (Dec 08)
- OpenVPN traffic David Howe (Dec 15)
- Re: OpenVPN traffic lorddoskias (Dec 15)
- Re: OpenVPN traffic Chris Clymer (Dec 15)
- Re: OpenVPN traffic David Howe (Dec 15)
- Message not available
- Re: OpenVPN traffic David Howe (Dec 21)
- OpenVPN traffic David Howe (Dec 15)
- Re: Pentest Cisco Daniel Hood (Dec 08)