# Does anyone know a quick way to break TLS packets using MITM?



## d0n (Oct 16, 2016)

I went through a few services that decrypted the packets, wrote a VB GUI and macro to display but sometimes, the packets take too long to be turned into legible writing that I can use (wink wink guess for what), does anyone know of a good and fast TLS decrypt MITM service? Preferably free.


----------



## Beritknight (Feb 18, 2016)

I'm confused. Do you have the private key to decrypt these packets? Or are you looking for a fast, free service to brute force TLS encryption on network packets that you don't have the key for?

What version of TLS and what cipher suite is in use?


----------



## d0n (Oct 16, 2016)

Beritknight said:


> I'm confused. Do you have the private key to decrypt these packets? Or are you looking for a fast, free service to brute force TLS encryption on network packets that you don't have the key for?
> 
> What version of TLS and what cipher suite is in use?


I need a fast and reliable MITM service via tunnel like sslstrip, TLS 2.0 over suite


----------



## Beritknight (Feb 18, 2016)

d0n said:


> I need a fast and reliable MITM service via tunnel like sslstrip, TLS 2.0 over suite


Do you mean SSL 2.0, or TLS 1.2?

I think you misunderstand sslstrip. It's not a decryption tool, it's a method for trying to force a client (usually a web browser) to connect over HTTP rather than HTTPS. It just sits in the middle and rewrites requests to stop the client from ever elevating from http to https. It doesn't actually decrypt packets that are actually encrypted.

As always with this sort of thing, Stack Overflow is a great place to start.

https://security.stackexchange.com/questions/41988/how-does-sslstrip-work


----------



## d0n (Oct 16, 2016)

Beritknight said:


> Do you mean SSL 2.0, or TLS 1.2?
> 
> I think you misunderstand sslstrip. It's not a decryption tool, it's a method for trying to force a client (usually a web browser) to connect over HTTP rather than HTTPS. It just sits in the middle and rewrites requests to stop the client from ever elevating from http to https. It doesn't actually decrypt packets that are actually encrypted.
> 
> ...


Lol, sorry I had too many brewskies that day.

SSL 2.0 and TLS 1.2

Ciphers:

RSA
Diffie
Eclyptic
Diffie ephem
AES

All mixed in different custom ciphers but no need for that anymore.

By service yeah I meant software like setting squid proxy or sslstrip but oddly enough a week since I posted this, they changed security and now I am getting java trust certpathvalidator error with a method, I guess I am going to have to set it up manually... serves me right for posting this on an uber surveilled forum.

Way too many to drink.

I'll contact you in private and show you my progress so far if you can help but I am back to square one so it might take a while, also the new method is going to be a "Frankenstein network" to be able to use it on the road, I am also thinking of a third method but god knows if I will have time.


----------



## Joe551 (Feb 21, 2017)

If you pm him how do you know you're not pming the Uber spy? Lol


----------



## d0n (Oct 16, 2016)

Joe551 said:


> If you pm him how do you know you're not pming the Uber spy? Lol


Good point, hah.


----------



## cdm813 (Jan 9, 2017)

42.


----------



## d0n (Oct 16, 2016)

Done already.


----------



## Beritknight (Feb 18, 2016)

Cool. I have *absolutely* no idea what you think you're doing.


----------



## d0n (Oct 16, 2016)

Beritknight said:


> Cool. I have *absolutely* no idea what you think you're doing.


Haha, try it! It's easy and rewarding.

I have certain problems with certain cipher mixes BUT I think the scene will come to the rescue with an NSA tool that uses an exploit to open it, all thanks to the l337 group that came up with it and had all their tools stolen from them, after the bid, those who procured it were hacked and that is why you don't put backdoors in systems! (if you catch my drift)

So far I have:

Teleportation device.
Crystal ball. (half working)
??????

The last one will remain a secret due to how easy it could be to fix... yet costly but that second one... is here to stay forever unless they invent something past SSL for commercial.


----------

