CloudShark

Tagged: Ssl

Wednesday, Oct 11, 2017

Getting and using KEYLOG files from cURL

Trying to debug a web application that is dependent on running over a secure connection is difficult. It used to be that it required you to have the private key (in RSA format) in order to do so, and for those situations, CloudShark Enterprise’s RSA Key Management system is ideal. The alternative is to grab a “keylog” file from your browser and use that within CloudShark to decrypt the stream.

Read the whole entry »


Thursday, Jul 2, 2015

How do you debug web applications that use encrypted channels?

Well, it’s official; the IETF has officially deprecated SSLv3.0. This means that it’s now a protocol violation to fall back to it. This is good news, since the number and types of attacks have been on the rise for awhile now. We’d like to take the opportunity to explore how to debug web applications that use HTTPS over SSL/TLS in CloudShark. It’s undeniable that debugging HTTP traffic is one of the most common use-cases for a packet decoder.

Read the whole entry »


Thursday, May 14, 2015

All about SSL key logging

In CloudShark 2.5, we added the ability to use SSL key log file data in order to decrypt SSL streams in the packet viewer. But what exactly is an SSL key log file, and how do you get them so that you can do web site and web service debugging? A key log is a log of the values used by your web browser to generate TLS session keys. Your browser does this every time, but it doesn’t do anything else with those values once they are used.

Read the whole entry »


Wednesday, Apr 9, 2014

Packet Capture of Heartbleed in Action

As many are aware (as it’s now become national news), a vulnerability was recently discovered in OpenSSL dubbed Heartbleed. The attack centers around the implementation of the Heartbeat extension in OpenSSL which causes a server to return the contents of memory that should be protected. This blogpost by Troy Hunt describes the vulnerability in detail: Everything you need to know about the Heartbleed SSL bug. Being packet geeks, naturally we wanted to get a capture of the Heartbleed attack in action.

Read the whole entry »


Thursday, Apr 3, 2014

SSL Key Management with CloudShark

One of CloudShark’s most unique features is SSL stream viewing and rsa key management. Watch the video. What do you do when you have certificates that you need to distribute to your team to look at encrypted data? How do you troubleshoot encrypted network traffic without having to give users access to your keys on their local machines? CloudShark contains a unique key management system in addition to its packet capture repository.

Read the whole entry »


Tuesday, Nov 19, 2013

Kerberos Decryption Support

If you don’t already know, one of CloudShark’s main features is the ability to manage RSA keys and allow those keys to be used to decrypt SSL traffic, allowing users to view encrypted data without ever having to give out your RSA keys. But what about other types of encryption? We were recently approached about support for Kerberos in CloudShark captures. CloudShark can actually support the decryption of Kerberos encrypted data using the Wireshark preferences file that we showed you before for fixing your RTP decode settings.

Read the whole entry »


About Us

CloudShark is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.

Get in touch via our Contact us page or by following us on your favorite service: