ssldump - (de-facto repository gathering patches around the cyberspace)
Find a file
2021-06-18 17:33:48 +02:00
.github/workflows Add checks for libjson-c to configure.ac 2021-01-06 18:25:45 +01:00
base Add support for IPv6 traffic dump 2021-04-07 17:40:16 +02:00
common Fix leak in associative array implementation 2021-01-15 11:51:02 +01:00
docker Extract traffic mirroring commands from docker run scripts 2021-03-24 17:47:06 +01:00
null Add support for IPv6 traffic dump 2021-04-07 17:40:16 +02:00
pcap Add support for pcap output to FIFO 2021-06-18 17:33:48 +02:00
ssl Add support for IPv6 traffic dump 2021-04-07 17:40:16 +02:00
win32 ssldump_0.9b3.orig.tar.gz Import 2015-01-31 10:13:33 +01:00
.gitchangelog.rc chg: [build] gitchangelogrc configuration added 2019-05-26 08:09:23 +02:00
.gitignore Rework https://github.com/adulau/ssldump/pull/26 after build system changes 2020-10-06 17:34:58 +02:00
_config.yml Set theme jekyll-theme-minimal 2020-04-28 16:04:47 +02:00
AUTHORS Autoconf setup rewritten 2020-08-27 16:20:38 +02:00
autogen.sh Autoconf setup rewritten 2020-08-27 16:20:38 +02:00
ChangeLog chg: [doc] Changelog updated 2021-04-13 09:54:40 +02:00
configure.ac Fix release version 2021-04-12 21:30:15 +02:00
COPYING Autoconf setup rewritten 2020-08-27 16:20:38 +02:00
COPYRIGHT chg: [copyright] added additional copyright for all new contribution 2021-02-02 15:27:37 +01:00
CREDITS chg: [doc] William has a real name 2020-09-22 16:41:22 +02:00
FILES ssldump_0.9b3.orig.tar.gz Import 2015-01-31 10:13:33 +01:00
INSTALL ssldump_0.9b3.orig.tar.gz Import 2015-01-31 10:13:33 +01:00
INSTALL.W32 ssldump_0.9b3.orig.tar.gz Import 2015-01-31 10:13:33 +01:00
Makefile.am Change binary installation directory to /usr/sbin 2020-12-09 14:51:09 +01:00
NEWS Autoconf setup rewritten 2020-08-27 16:20:38 +02:00
README Link README to README.md 2020-10-03 13:16:11 +02:00
README.md chg: [doc] v1.4 released 2021-04-12 10:17:56 +02:00
README.old Reorganize README files 2020-10-03 10:32:19 +02:00
ssldump.1 chg: [doc] man page fixed for copyright notice + README updated 2021-02-02 15:22:48 +01:00

ssldump - (de-facto repository gathering patches around the cyberspace)

Clang CI GCC CI

Release and tagging

  • Current version of ssldump is v1.4 (released: 2021-04-12) - ChangeLog
  • Previous version of ssldump is v1.3 (released: 2021-02-02) - ChangeLog

What about the original ssldump?

This repository is composed of the original SSLDUMP 0.9b3 + a myriad of patches (from Debian and other distributions) + contributions via PR

ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. It also includes a JSON output option, supports JA3 and IPv6.

How to do I run ssldump?

./ssldump -j -ANH -n -i any | jq will run ssldump on all interfaces and output the result in JSON format including ja3 hashes.

For more details, check the man page.

Why do you maintain this repository?

Because it's a mess. The software maintenance process for old free (unmaintained) software like ssldump is a complete chaotic process. I do this to ease my pain and this could help other too (but this is just a collateral damage).

Where ssldump is used?

Build instructions

On Debian & Ubuntu:

apt install build-essential autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev
./autogen.sh
./configure --prefix=/usr/local
make
(optional) make install

On Fedora, Centos & RHEL:

dnf install autoconf automake gcc make openssl-devel libpcap-devel libnet-devel json-c-devel
./autogen.sh
./configure --prefix=/usr/local
make
(optional) make install

Optional configuration features (aka ./configure options):

  --disable-optimization  disable compiler optimizations (change from -O2 to -O0)
  --enable-debug	  enable debug info (add "-g -DDEBUG" to CFLAGS)
  --enable-asan		  enable AddressSanitizer and other checks
	add "-fsanitize=address,undefined,leak -Wformat -Werror=format-security
		-Werror=array-bounds" to CFLAGS
	use libasan with GCC and embedded ASAN with Clang

Configuration examples:

- Use GCC with libasan, debug info and custom CFLAGS:
	./configure CC=/usr/bin/gcc --enable-asan --enable-debug CFLAGS="-Wall"

- Use Clang with ASAN and no optimizations (-O0)
	./configure CC=/usr/bin/clang --enable-asan --disable-optimization

Notes

The "save to pcap" (-w) option by @ryabkov, is heavily based on the work of @droe on https://github.com/droe/sslsplit .

Contributing

The contributing policy is simple. If you have a patch to propose, make a pull-request via the interface. If the patch works for me, it's merged.