TeLeScope can decrypt your TLS traffic realtime if on a hypervised machine (which most people are nowadays)

Bitdefender vulnerability researcher Radu Caragea presented today at the Hack In The Box Amsterdam conference a novel way to extract TLS keys from virtual machines, using an out-of-guest approach. The new technique works to detect the creation of TLS session keys in memory as the virtual machine is running.
The presentation covers a novel technique that not only works for virtualized machines but is also OS-agnostic and crypto-library-agnostic. With a minimal overhead both in terms of speed and in terms of setup, this new technique offers insight into dynamic malware analysis of infected machines.

Source: TeLeScope unveiled at Hack In the Box | Bitdefender Labs

Robin Edgar

Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft

 robin@edgarbv.com  https://www.edgarbv.com

Leave a Reply