3
.\" Author: [see the "Authors" section]
4
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
6
.\" Manual: NSS Security Tools
10
.TH "SSLTAP" "1" "19 July 2013" "nss-tools" "NSS Security Tools"
11
.\" -----------------------------------------------------------------
12
.\" * Define some portability stuff
13
.\" -----------------------------------------------------------------
14
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
15
.\" http://bugs.debian.org/507673
16
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
17
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
20
.\" -----------------------------------------------------------------
21
.\" * set default formatting
22
.\" -----------------------------------------------------------------
23
.\" disable hyphenation
25
.\" disable justification (adjust text to left margin only)
27
.\" -----------------------------------------------------------------
28
.\" * MAIN CONTENT STARTS HERE *
29
.\" -----------------------------------------------------------------
31
ssltap \- Tap into SSL connections and display the data going by
33
.HP \w'\fBlibssltap\fR\ 'u
34
\fBlibssltap\fR [\-vhfsxl] [\-p\ port] [hostname:port]
37
This documentation is still work in progress\&. Please contribute to the initial review in
38
\m[blue]\fBMozilla NSS bug 836477\fR\m[]\&\s-2\u[1]\d\s+2
41
The SSL Debugging Tool
43
is an SSL\-aware command\-line proxy\&. It watches TCP connections and displays the data going by\&. If a connection is SSL, the data display includes interpreted SSL records and handshaking
48
Print a version string for the tool\&.
53
Turn on hex/ASCII printing\&. Instead of outputting raw data, the command interprets each record as a numbered line of hex values, followed by the same data as ASCII characters\&. The two parts are separated by a vertical bar\&. Nonprinting characters are replaced by dots\&.
58
Turn on fancy printing\&. Output is printed in colored HTML\&. Data sent from the client to the server is in blue; the server\*(Aqs reply is in red\&. When used with looping mode, the different connections are separated with horizontal lines\&. You can use this option to upload the output into a browser\&.
63
Turn on SSL parsing and decoding\&. The tool does not automatically detect SSL sessions\&. If you are intercepting an SSL connection, use this option so that the tool can detect and decode SSL structures\&.
65
If the tool detects a certificate chain, it saves the DER\-encoded certificates into files in the current directory\&. The files are named cert\&.0x, where x is the sequence number of the certificate\&.
67
If the \-s option is used with \-h, two separate parts are printed for each record: the plain hex/ASCII output, and the parsed SSL output\&.
72
Turn on hex/ASCII printing of undecoded data inside parsed SSL records\&. Used only with the \-s option\&. This option uses the same output format as the \-h option\&.
77
Turn on looping; that is, continue to accept connections rather than stopping after the first connection is complete\&.
82
Change the default rendezvous port (1924) to another port\&.
84
The following are well\-known port numbers:
96
* IMAPS 993 (IMAP over SSL)
100
* NNTPS 563 (NNTP over SSL)
102
.SH "USAGE AND EXAMPLES"
104
You can use the SSL Debugging Tool to intercept any connection information\&. Although you can run the tool at its most basic by issuing the ssltap command with no options other than hostname:port, the information you get in this way is not very useful\&. For example, assume your development machine is called intercept\&. The simplest way to use the debugging tool is to execute the following command from a command shell:
110
$ ssltap www\&.netscape\&.com
116
The program waits for an incoming connection on the default port 1924\&. In your browser window, enter the URL http://intercept:1924\&. The browser retrieves the requested page from the server at www\&.netscape\&.com, but the page is intercepted and passed on to the browser by the debugging tool on intercept\&. On its way to the browser, the data is printed to the command shell from which you issued the command\&. Data sent from the client to the server is surrounded by the following symbols: \-\-> [ data ] Data sent from the server to the client is surrounded by the following symbols: "left arrow"\-\- [ data ] The raw data stream is sent to standard output and is not interpreted in any way\&. This can result in peculiar effects, such as sounds, flashes, and even crashes of the command shell window\&. To output a basic, printable interpretation of the data, use the \-h option, or, if you are looking at an SSL connection, the \-s option\&. You will notice that the page you retrieved looks incomplete in the browser\&. This is because, by default, the tool closes down after the first connection is complete, so the browser is not able to load images\&. To make the tool continue to accept connections, switch on looping mode with the \-l option\&. The following examples show the output from commonly used combinations of options\&.
124
$ ssltap\&.exe \-sx \-p 444 interzone\&.mcom\&.com:443 > sx\&.txt
136
Connected to interzone\&.mcom\&.com:443
139
[ssl2] ClientHelloV2 {
140
version = {0x03, 0x00}
141
cipher\-specs\-length = 39 (0x27)
142
sid\-length = 0 (0x00)
143
challenge\-length = 16 (0x10)
146
(0x010080) SSL2/RSA/RC4\-128/MD5
147
(0x020080) SSL2/RSA/RC4\-40/MD5
148
(0x030080) SSL2/RSA/RC2CBC128/MD5
149
(0x040080) SSL2/RSA/RC2CBC40/MD5
150
(0x060040) SSL2/RSA/DES64CBC/MD5
151
(0x0700c0) SSL2/RSA/3DES192EDE\-CBC/MD5
152
(0x000004) SSL3/RSA/RC4\-128/MD5
153
(0x00ffe0) SSL3/RSA\-FIPS/3DES192EDE\-CBC/SHA
154
(0x00000a) SSL3/RSA/3DES192EDE\-CBC/SHA
155
(0x00ffe1) SSL3/RSA\-FIPS/DES64CBC/SHA
156
(0x000009) SSL3/RSA/DES64CBC/SHA
157
(0x000003) SSL3/RSA/RC4\-40/MD5
158
(0x000006) SSL3/RSA/RC2CBC40/MD5
161
challenge = { 0xec5d 0x8edb 0x37c9 0xb5c9 0x7b70 0x8fe9 0xd1d3
168
0: 16 03 00 03 e5 |\&.\&.\&.\&.\&.
169
type = 22 (handshake)
173
0: 02 00 00 46 |\&.\&.\&.F
174
type = 2 (server_hello)
175
length = 70 (0x000046)
177
server_version = {3, 0}
179
0: 77 8c 6e 26 6c 0c ec c0 d9 58 4f 47 d3 2d 01 45 |
180
wn&l\&.\(`i\&.\&.XOG\&.\-\&.E
181
10: 5c 17 75 43 a7 4c 88 c7 88 64 3c 50 41 48 4f 7f |
183
\e\&.uC\(scL\&.\(,C\&.d<PAHO\&.
188
0: 14 11 07 a8 2a 31 91 29 11 94 40 37 57 10 a7 32 | \&.\&.\&.\(ad*1\&.)\&.\&.@7W\&.\(sc2
189
10: 56 6f 52 62 fe 3d b3 65 b1 e4 13 0f 52 a3 c8 f6 | VoRb\(Tp=\(S3e\(+-\&.\&.\&.R\(Po\(`E\&.
191
cipher_suite = (0x0003) SSL3/RSA/RC4\-40/MD5
193
0: 0b 00 02 c5 |\&.\&.\&.\(oA
194
type = 11 (certificate)
195
length = 709 (0x0002c5)
197
chainlength = 706 (0x02c2)
200
data = { saved in file \*(Aqcert\&.001\*(Aq }
203
0: 0c 00 00 ca |\&.\&.\&.\&.
204
type = 12 (server_key_exchange)
205
length = 202 (0x0000ca)
206
0: 0e 00 00 00 |\&.\&.\&.\&.
207
type = 14 (server_hello_done)
208
length = 0 (0x000000)
214
0: 16 03 00 00 44 |\&.\&.\&.\&.D
215
type = 22 (handshake)
219
0: 10 00 00 40 |\&.\&.\&.@
220
type = 16 (client_key_exchange)
221
length = 64 (0x000040)
223
message = {\&.\&.\&.}
230
0: 14 03 00 00 01 |\&.\&.\&.\&.\&.
231
type = 20 (change_cipher_spec)
237
0: 16 03 00 00 38 |\&.\&.\&.\&.8
238
type = 22 (handshake)
247
0: 14 03 00 00 01 |\&.\&.\&.\&.\&.
248
type = 20 (change_cipher_spec)
256
0: 16 03 00 00 38 |\&.\&.\&.\&.8
257
type = 22 (handshake)
266
0: 17 03 00 01 1f |\&.\&.\&.\&.\&.
267
type = 23 (application_data)
275
0: 17 03 00 00 a0 |\&.\&.\&.\&.
276
type = 23 (application_data)
285
0: 17 03 00 00 df |\&.\&.\&.\&.\(ss
286
type = 23 (application_data)
293
0: 15 03 00 00 12 |\&.\&.\&.\&.\&.
300
Server socket closed\&.
308
The \-s option turns on SSL parsing\&. Because the \-x option is not used in this example, undecoded values are output as raw data\&. The output is routed to a text file\&.
314
$ ssltap \-s \-p 444 interzone\&.mcom\&.com:443 > s\&.txt
326
Connected to interzone\&.mcom\&.com:443
329
[ssl2] ClientHelloV2 {
330
version = {0x03, 0x00}
331
cipher\-specs\-length = 36 (0x24)
332
sid\-length = 0 (0x00)
333
challenge\-length = 16 (0x10)
335
(0x010080) SSL2/RSA/RC4\-128/MD5
336
(0x020080) SSL2/RSA/RC4\-40/MD5
337
(0x030080) SSL2/RSA/RC2CBC128/MD5
338
(0x060040) SSL2/RSA/DES64CBC/MD5
339
(0x0700c0) SSL2/RSA/3DES192EDE\-CBC/MD5
340
(0x000004) SSL3/RSA/RC4\-128/MD5
341
(0x00ffe0) SSL3/RSA\-FIPS/3DES192EDE\-CBC/SHA
342
(0x00000a) SSL3/RSA/3DES192EDE\-CBC/SHA
343
(0x00ffe1) SSL3/RSA\-FIPS/DES64CBC/SHA
344
(0x000009) SSL3/RSA/DES64CBC/SHA
345
(0x000003) SSL3/RSA/RC4\-40/MD5
348
challenge = { 0x713c 0x9338 0x30e1 0xf8d6 0xb934 0x7351 0x200c
353
type = 22 (handshake)
357
type = 2 (server_hello)
358
length = 70 (0x000046)
360
server_version = {3, 0}
366
cipher_suite = (0x0003) SSL3/RSA/RC4\-40/MD5
368
type = 11 (certificate)
369
length = 709 (0x0002c5)
371
chainlength = 706 (0x02c2)
374
data = { saved in file \*(Aqcert\&.001\*(Aq }
377
type = 12 (server_key_exchange)
378
length = 202 (0x0000ca)
379
type = 14 (server_hello_done)
380
length = 0 (0x000000)
386
type = 22 (handshake)
390
type = 16 (client_key_exchange)
391
length = 64 (0x000040)
393
message = {\&.\&.\&.}
400
type = 20 (change_cipher_spec)
405
type = 22 (handshake)
413
type = 20 (change_cipher_spec)
420
type = 22 (handshake)
428
type = 23 (application_data)
436
type = 23 (application_data)
444
type = 23 (application_data)
456
Server socket closed\&.
464
In this example, the \-h option turns hex/ASCII format\&. There is no SSL parsing or decoding\&. The output is routed to a text file\&.
470
$ ssltap \-h \-p 444 interzone\&.mcom\&.com:443 > h\&.txt
482
Connected to interzone\&.mcom\&.com:443
484
0: 80 40 01 03 00 00 27 00 00 00 10 01 00 80 02 00 | \&.@\&.\&.\&.\&.\*(Aq\&.\&.\&.\&.\&.\&.\&.\&.\&.
485
10: 80 03 00 80 04 00 80 06 00 40 07 00 c0 00 00 04 | \&.\&.\&.\&.\&.\&.\&.\&.\&.@\&.\&.\&.\&.\&.\&.
486
20: 00 ff e0 00 00 0a 00 ff e1 00 00 09 00 00 03 00 | \&.\&.\&.\&.\&.\&.\&.\&.\('a\&.\&.\&.\&.\&.\&.\&.
487
30: 00 06 9b fe 5b 56 96 49 1f 9f ca dd d5 ba b9 52 | \&.\&.\(Tp[V\&.I\&.\exd9 \&.\&.\&.\(Om\(S1R
491
0: 16 03 00 03 e5 02 00 00 46 03 00 7f e5 0d 1b 1d | \&.\&.\&.\&.\&.\&.\&.\&.F\&.\&.\&.\&.\&.\&.\&.
492
10: 68 7f 3a 79 60 d5 17 3c 1d 9c 96 b3 88 d2 69 3b | h\&.:y`\&.\&.<\&.\&.\(S3\&.\(`Oi;
493
20: 78 e2 4b 8b a6 52 12 4b 46 e8 c2 20 14 11 89 05 | x\&.K\&.\(bbR\&.KF\(`e\&. \&.\&.\&.
494
30: 4d 52 91 fd 93 e0 51 48 91 90 08 96 c1 b6 76 77 | MR\&.\('y\&.\&.QH\&.\&.\&.\&.\&.\(psvw
495
40: 2a f4 00 08 a1 06 61 a2 64 1f 2e 9b 00 03 00 0b | *\(^o\&.\&.\(r!\&.a\(ctd\&.\&.\&.\&.\&.\&.
496
50: 00 02 c5 00 02 c2 00 02 bf 30 82 02 bb 30 82 02 | \&.\&.\(oA\&.\&.\&.\&.\&.\&.0\&.\&.\&.0\&.\&.
497
60: 24 a0 03 02 01 02 02 02 01 36 30 0d 06 09 2a 86 | $ \&.\&.\&.\&.\&.\&.\&.60\&.\&.\&.*\&.
498
70: 48 86 f7 0d 01 01 04 05 00 30 77 31 0b 30 09 06 | H\&.\(di\&.\&.\&.\&.\&.\&.0w1\&.0\&.\&.
499
80: 03 55 04 06 13 02 55 53 31 2c 30 2a 06 03 55 04 | \&.U\&.\&.\&.\&.US1,0*\&.\&.U\&.
500
90: 0a 13 23 4e 65 74 73 63 61 70 65 20 43 6f 6d 6d | \&.\&.#Netscape Comm
501
a0: 75 6e 69 63 61 74 69 6f 6e 73 20 43 6f 72 70 6f | unications Corpo
502
b0: 72 61 74 69 6f 6e 31 11 30 0f 06 03 55 04 0b 13 | ration1\&.0\&.\&.\&.U\&.\&.\&.
503
c0: 08 48 61 72 64 63 6f 72 65 31 27 30 25 06 03 55 | \&.Hardcore1\*(Aq0%\&.\&.U
504
d0: 04 03 13 1e 48 61 72 64 63 6f 72 65 20 43 65 72 | \&.\&.\&.\&.Hardcore Cer
505
e0: 74 69 66 69 63 61 74 65 20 53 65 72 76 65 72 20 | tificate Server
506
f0: 49 49 30 1e 17 0d 39 38 30 35 31 36 30 31 30 33 | II0\&.\&.\&.9805160103
507
<additional data lines>
509
<additional records in same format>
510
Server socket closed\&.
518
In this example, the \-s option turns on SSL parsing, and the \-h option turns on hex/ASCII format\&. Both formats are shown for each record\&. The output is routed to a text file\&.
524
$ ssltap \-hs \-p 444 interzone\&.mcom\&.com:443 > hs\&.txt
536
Connected to interzone\&.mcom\&.com:443
538
0: 80 3d 01 03 00 00 24 00 00 00 10 01 00 80 02 00 | \&.=\&.\&.\&.\&.$\&.\&.\&.\&.\&.\&.\&.\&.\&.
539
10: 80 03 00 80 04 00 80 06 00 40 07 00 c0 00 00 04 | \&.\&.\&.\&.\&.\&.\&.\&.\&.@\&.\&.\&.\&.\&.\&.
540
20: 00 ff e0 00 00 0a 00 ff e1 00 00 09 00 00 03 03 | \&.\&.\&.\&.\&.\&.\&.\&.\('a\&.\&.\&.\&.\&.\&.\&.
541
30: 55 e6 e4 99 79 c7 d7 2c 86 78 96 5d b5 cf e9 |U\&.\&.y\(,C\exb0 ,\&.x\&.]\(mc\(:I\('e
543
[ssl2] ClientHelloV2 {
544
version = {0x03, 0x00}
545
cipher\-specs\-length = 36 (0x24)
546
sid\-length = 0 (0x00)
547
challenge\-length = 16 (0x10)
549
(0x010080) SSL2/RSA/RC4\-128/MD5
550
(0x020080) SSL2/RSA/RC4\-40/MD5
551
(0x030080) SSL2/RSA/RC2CBC128/MD5
552
(0x040080) SSL2/RSA/RC2CBC40/MD5
553
(0x060040) SSL2/RSA/DES64CBC/MD5
554
(0x0700c0) SSL2/RSA/3DES192EDE\-CBC/MD5
555
(0x000004) SSL3/RSA/RC4\-128/MD5
556
(0x00ffe0) SSL3/RSA\-FIPS/3DES192EDE\-CBC/SHA
557
(0x00000a) SSL3/RSA/3DES192EDE\-CBC/SHA
558
(0x00ffe1) SSL3/RSA\-FIPS/DES64CBC/SHA
559
(0x000009) SSL3/RSA/DES64CBC/SHA
560
(0x000003) SSL3/RSA/RC4\-40/MD5
563
challenge = { 0x0355 0xe6e4 0x9979 0xc7d7 0x2c86 0x7896 0x5db
568
<additional records in same formats>
569
Server socket closed\&.
576
When SSL restarts a previous session, it makes use of cached information to do a partial handshake\&. If you wish to capture a full SSL handshake, restart the browser to clear the session id cache\&.
578
If you run the tool on a machine other than the SSL server to which you are trying to connect, the browser will complain that the host name you are trying to connect to is different from the certificate\&. If you are using the default BadCert callback, you can still connect through a dialog\&. If you are not using the default BadCert callback, the one you supply must allow for this possibility\&.
581
The NSS Security Tools are also documented at
582
\m[blue]\fBhttp://www\&.mozilla\&.org/projects/security/pki/nss/\fR\m[]\&\s-2\u[2]\d\s+2\&.
583
.SH "ADDITIONAL RESOURCES"
585
For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at
586
\m[blue]\fBhttp://www\&.mozilla\&.org/projects/security/pki/nss/\fR\m[]\&. The NSS site relates directly to NSS code changes and releases\&.
588
Mailing lists: https://lists\&.mozilla\&.org/listinfo/dev\-tech\-crypto
590
IRC: Freenode at #dogtag\-pki
593
The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google\&.
595
Authors: Elio Maldonado <emaldona@redhat\&.com>, Deon Lackey <dlackey@redhat\&.com>\&.
598
Licensed under the Mozilla Public License, v\&. 2\&.0\&. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla\&.org/MPL/2\&.0/\&.
601
Mozilla NSS bug 836477
603
\%https://bugzilla.mozilla.org/show_bug.cgi?id=836477
606
http://www.mozilla.org/projects/security/pki/nss/
608
\%http://www.mozilla.org/projects/security/pki/nss/tools