PDA

View Full Version : [help]Sniffing encrypted traffic with-out breaking the encryption?



mandi
02-10-2011, 10:52 AM
I have been playing with sniffers in some networks,but after a point i am bored of traditional sniffing,most people here using some sort of encryptions like ssl,ssh,IP-SEC,Also as IP-V4 addresses are going to get exhausted in a few days,so IP-V6 with default IP-SEC will be implemented every where in the future i think,I tought of learning some advanced sniffing techniques,Also i looked in to traditional ssl stripping,but it is easily detectable,i am looking for some ways to sniff the encrypted traffic with-out breaking the encryption,i hope it would be tough,but i believe still it is possible,..
Looking for some help,ideas,reference from the members here,

Hope i will get some useful inputs...

d4rkd4wn
02-10-2011, 11:47 AM
Hey mandi I didn’t get your point. why you ve to decrypt the encryption when sniffing?:confused: as you were playing with sniffers you should ve seen the captured encrypted packets in the sniffer(you can sniff encrypted traffic):). are you trying to say that you are not able see the data in clear text?
correct me if i am wrong.

mandi
02-10-2011, 01:00 PM
i can see the traffic sir,but i want to re-encrypt the things and make sure that my victim should not know i am sniffing his traffic,that is my main concern,
Also for me sniffing the IP-SEC is tough for me..
because of the bla bla security mechanisms like ESP headers and other data integrity constraints..

hope you got my question now,

d4rkd4wn
02-10-2011, 03:08 PM
define:sniffed in google .. thanks for the info

mandi
02-10-2011, 03:55 PM
can't get u? any more useful advice please?

d4rkd4wn
02-10-2011, 04:57 PM
can you please explain me what exactly you want to do with sniffer...are you confused between proxy and sniffer or you really want to do as you have asked the question?

mandi
02-10-2011, 11:55 PM
I want to see the plain text aka traffic inside the encryption with-out getting known to the victim,

in simple i want to do like this ..

victims encrypted traffic------> attacker decrypt the traffic and re-encrypt it---------->victims destination

d4rkd4wn
02-11-2011, 11:16 AM
Thanks for description mandi..
http://www.windowsecurity.com/whitepapers/Sniffing_network_wiretap_sniffer_FAQ_.html
this whitepaper on sniffing may help you:)