Friday, 30 January 2015

Extract pre-master keys from an OpenSSL application



Consider an application using OpenSSL which has a bug. A packet capture of the full SSL session is available, as well as a core dump and debugging symbols for the application and libraries. An RSA private key is also available, but since a DHE cipher suite is in use, it cannot be used to decrypt the packet capture using Wireshark.


Thomas suggests in this post that it is possible to extract keys from RAM. How could this be done for OpenSSL? Assume that the address of the SSL data structure is known and TLS 1.0 is in use.




