Thread: SSL Encryption

  1. #1
    Junior Member
    Join Date
    May 2005
    Posts
    28

    SSL Encryption

    OK, my network security knowledge is not very good. I am doing some basic pentesting on my network because I know for a fact a buncha kids wardrive around my neighborhood for fun (I run wireless, WEP encryption). I know I should use WPA, just haven't gotten around to it yet. My question is this. Let's say some kiddies break into my wireless network and sniff some packets. Let's say I am logging into Gmail (which uses SSL) and the kiddies sniff the packets being sent with my user/pass. Now I assume this information is encrypted in the packet, so the user/pass cannot be directly read, but will cracking tools such as john or a rainbow crack work on SSL encryption? If so, is there any defense against such an attack besides securing the wireless network they entered on? I guess, can SSL encryption be cracked, or can I rest easy even if the packets are sniffed? Thanks for the help.
    An ancient Chinese man once told me: "The hotter the tea, the bigger the wang."

    My tea is extra hot.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    I don't think I've heard of SSL being cracked per se. However, tools like ettercap or Cain'n'Abel can "inject" themselves just before the SSL connection is created. While it's a basic description, this site does give an idea of how it works (and from that you should be able to see a small window of opportunity).

    If so, is there any defense against such an attack besides securing the wireless network they entered on.
    SSH-2 tunnelling or VPN tunnelling are probably the best options.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Junior Member
    Join Date
    May 2005
    Posts
    28
    spank you

  4. #4
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    spank you
    Please move to the rear of the line.....
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  5. #5
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    spank you
    Please move to the rear of the line.....

    My, my... we are getting kinky. Who knew that Security could be so "thexy"?

    wait.. nevermind. Don't answer that..

  6. #6
    Junior Member
    Join Date
    May 2005
    Posts
    28
    get a room

  7. #7
    Senior Member
    Join Date
    Mar 2003
    Posts
    372
    There was an SSL cracking tool that came out a few years back, but it didn't crack the packets that were offloaded but was an inline stream hack IIRC. I can't recall the name of the tool at the moment, but I'll find it and post later.

    Stuff like John the Ripper can't touch SSL encrypted packets, and as far as I know there isn't a Rainbow table on SSL.

    I wouldn't worry /too/ much about someone cracking sniffed SSL packets as it will probably be too much work for the average skiddie to bother with. They are looking for soft targets.

    Give a man a match and he will be warm for a while, light him on fire and he will be warm for the rest of his life.
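
    An added illustration of the point in reply #7, not part of the original thread: a precomputed table works against an unsalted password hash because the same password always yields the same bytes, while the same login sent under a fresh per-session key yields different bytes every time. The HMAC-based keystream is only a stand-in for the real SSL record cipher, and the wordlist, login string and function names are constructed for this sketch.

```python
import hashlib
import hmac
import os

# Constructed sample data (not from the thread): a wordlist and a login body.
WORDLIST = ["letmein", "hunter2", "extrahottea"]
LOGIN = b"user=example&pass=hunter2"


def build_lookup_table(words):
    """Precompute unsalted SHA-256 -> password, the input a hash cracker needs."""
    return {hashlib.sha256(w.encode()).hexdigest(): w for w in words}


def keystream(key, length):
    """HMAC-SHA256 in counter mode; a stand-in for the SSL record cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def session_encrypt(session_key, data):
    """XOR data with the session keystream (the same call also decrypts)."""
    return bytes(d ^ k for d, k in zip(data, keystream(session_key, len(data))))


def sniff_login(data=LOGIN):
    """What a sniffer captures: the login encrypted under a fresh random key."""
    session_key = os.urandom(32)  # assumption: stands in for the negotiated key
    return session_encrypt(session_key, data)


def table_lookup(table, observed_hex):
    """A precomputed table only answers for byte strings it has seen before."""
    return table.get(observed_hex)


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    stolen_hash = hashlib.sha256(b"hunter2").hexdigest()
    print("stolen hash    ->", table_lookup(table, stolen_hash))
    first, second = sniff_login(), sniff_login()
    print("sniffed login  ->", table_lookup(table, first.hex()))
    print("same bytes twice?", first == second)
```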

  8. #8
    http://www.rtfm.com/ssldump/

    It's a good demonstration tool. tcpdump modified. But packets cannot be decoded without the SSL cert and password.

  9. #9
    Senior Member Spyrus's Avatar
    Join Date
    Oct 2002
    Posts
    741
    What no one seemed to mention is that while your sense of security is great, it's borderline paranoid..... I don't think I would worry too much about your WEP being cracked and then on top of that your SSL connection being cracked. If you are on that paranoid line (which it seems you are), I would regularly change your WEP keys and, when you get a chance, set up WEP... In my experience most wardrivers just look for easy targets and don't mess with WEP-protected networks...

    Don't mistake me, some may take the time and effort and find it more fun, but I don't think they will take the time to break the encryption and try to mess with the SSL packets.
    Duct tape.....A whole lot of Duct Tape

  10. #10
    Junior Member
    Join Date
    May 2005
    Posts
    28
    I am not that paranoid. This was more outa curiosity. Even if an SSL dumped packet could be cracked, I doubt I would really change anything with my home network. I was just curious if such a thing was possible. Thanks for the analysis, doc.