- Current version of ssldump is v1.1 (released: 2019-12-28) - ChangeLog
This repository is composed of the original SSLDUMP 0.9b3 + a myriad of patches (from Debian and other distributions) + contributions via PR
ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic.
Because it's a mess. The software maintenance process for old free (unmaintained) software like ssldump is a complete chaotic process. I do this to ease my pain and this could help other too (but this is just a collateral damage).
I used it for a relatively small project called Passive SSL. For more information, Passive SSL Passive Detection and Reconnaissance Techniques, to Find, Track, and Attribute Vulnerable ”Devices”. Additional back-end code available is in the crl-monitor repository.
- Current version of ssldump is v1.1 (released: 2019-12-28) - ChangeLog
On Debian & Ubuntu:
apt install build-essential autoconf libssl-dev libpcap-dev
./autogen.sh
./configure --prefix=/usr/local
make
(optional) make install
On Fedora, Centos & RHEL:
dnf install autoconf automake gcc make openssl-devel libpcap-devel
./autogen.sh
./configure --prefix=/usr/local
make
(optional) make install
The contributing policy is simple. If you have a patch to propose, make a pull-request via the interface. If the patch works for me, it's merged.