We have the private key and all we have to do is to use it and decrypt the TLS packets. Save that as a text file ( private_key.txt). Do a TCP stream, you can see the transferred private key. The first task is to retrieve the private key file from the FTP traffic. TLS has the actual flag, FTP has the private key to decrypt the TLS traffic and SMTP has the clue that will help us in filtering the traffic of interest i.e the right TLS packets. From the given PCAP file you must have noticed the traffic from OSCP, HTTP, FTP, SMTP and TLS protocol.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |