Wireshark mailing list archives
EAP-PEAP - Decryption of SSL traffic
From: teknet9 <teknet9 () o2 pl>
Date: Fri, 11 Jan 2013 07:20:46 +0100
Hello Team, Everybody, I want to decrypt SSL traffic inside 802.1x/EAP-PEAP packets. I can see that SSL decryption works fine, but only when it's encapsulated into TCP. Are there any plans to add/fix that plugin so it could decrypt SSL inside EAP-PEAP ? I was wondering to write something for my own, but do not want to reinvent wheel. Question1: Do you know any solution for that ? I have already written perl scritps which extract that SSL traffic from EAP frames, now i just need to decode it (using server private key, most EAP-PEAP servers still uses RSA ciphersuits instead of DH - so it's easy). Now i am wondering if to put that SSL data back into some TCP session (i would have to contruct packet by packet to make sure TCP seq/ack is fine) and then use wireshark to decrypt that SSL. Question2: Let's assume that i will put that SSL into TCP session and wireshark will decrypt it. Will wireshark decode decrypted content ? (MSCHAPv2 session) ? Best Regards, Michal Garcarz
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- EAP-PEAP - Decryption of SSL traffic teknet9 (Jan 10)
- Re: EAP-PEAP - Decryption of SSL traffic Jaap Keuter (Jan 10)