Sloop
03-16-2007, 01:31 PM
Hi @ll,
I have an application that sends data to a ******* server (i.e. https://*******-server.com:44*) via port 44*. When I use WireShark to sniff the connection I can see, that SSLv* is used. I only see on the sniffing result, that SSL handshakes, authentification, exchaning keys, etc... occurs. But I am not able to see the application data which is sent through SSL. To be able to see that I need to have the proper private key.
I heard that it's possible to get the private key of the SSL data by process monitoring and dumping my application. Someone told me that it can be done either by "userdump.exe" (by creating a dump file of the running application) or by lookin live into the process with "OllyDbg" for example. My problem is that I never worked with such deb***ers, neither with userdump.exe nore with a Deb***er. Can someone give me a hint where to find useful tutorials for doin' that? Any help appreciated.
Big Thanks in advance!
I have an application that sends data to a ******* server (i.e. https://*******-server.com:44*) via port 44*. When I use WireShark to sniff the connection I can see, that SSLv* is used. I only see on the sniffing result, that SSL handshakes, authentification, exchaning keys, etc... occurs. But I am not able to see the application data which is sent through SSL. To be able to see that I need to have the proper private key.
I heard that it's possible to get the private key of the SSL data by process monitoring and dumping my application. Someone told me that it can be done either by "userdump.exe" (by creating a dump file of the running application) or by lookin live into the process with "OllyDbg" for example. My problem is that I never worked with such deb***ers, neither with userdump.exe nore with a Deb***er. Can someone give me a hint where to find useful tutorials for doin' that? Any help appreciated.
Big Thanks in advance!