Why is it possible to sniff an HTTPS / SSL request?

Question

I'm new to the realm of HTTP requests and security and all that good stuff, but from what I've read, if you want your requests and responses encrypted, use HTTPS and SSL, and you'll be good. Someone in a previous question posted a link to this app http://www.charlesproxy.com/ which shows that it is actually possible to sniff HTTPS requests, and see the request and response in PLAIN text.

I tried this with the facebook.com login, and I was indeed able to see my username AND password in plain text. It was too easy. What's going on? I thought that was the whole point of HTTPS - to encrypt requests and responses?

Answer 1

This is explained in their page on SSL proxying, perhaps not with enough explanations.

A proxy is, by definition, a man-in-the-middle: the client connects to the proxy, and the proxy connects to the server.

SSL does two things:

• It ensures the confidentiality and integrity of the established connection.
• It performs some verification of who you are connecting to.

It's the second part that's important, and seemingly broken, here: you're sitting at your browser, and surprised that your browser is connecting to the proxy whereas you expected it to connect to Facebook. Technically, the proxy is not sniffing the HTTPS traffic, it's relaying it.

Your browser knows that it's connected to Facebook because the site has a certificate that says “I am really www.facebook.com”. Public-key cryptography, by means that I will not get into here, ensures that only the holder of the private key can initiate a valid connection with this certificate. That's only half the battle: you only have the server's claim that it really is www.facebook.com and not randomhijacker.com. What your browser does is additionally check that the certificate has been validated by a certificate authority. Your browser or operating system comes with a list of certificate authorities that it trusts. Again, public-key cryptography ensures that only the CA can emit certificates that your browser will accept.

When you connect to the proxy, your browser receives a certificate that says “I am really www.facebook.com”. But this certificate is not signed by a CA that your browser trusts by default. So:

• either you received a warning about an insecure HTTPS connection, which you clicked through to see the concent at https://www.facebook.com/;
• or you added the CA that signed the proxy's certificate (“Charles's CA certificate”) to your the list of CAs that your browser trusts.

Either way, you told your browser to trust the proxy. So it does. An SSL connection is not secure if you start trusting random strangers.

Recommended reading for further information:

• when is it safe to click through an SSL warning message?
• Does an established ssl connection mean a line is really secure
• SSL with GET and POST
• How do I check that I have a direct SSL connection to a website?
• Does https prevent man in the middle attacks by proxy server?
• How is it possible that people observing an HTTPS connection being established wouldn't know how to decrypt it?
• How can end-users detect malicious attempts at SSL spoofing when the network already has an authorized SSL proxy?

Answer 2

You can't break https unless you have access to the session symmetric key. In short, https sessions work this way:

1. Client and server exchange some initial information
2. Using this information the client is able to authenticate the server, making sure it is trust worth
3. The client uses the server's public key to send him an encrypted secret
4. The server decrypts this secret using his private key (only the authenticated server can do that!)
5. Both the client and the server use the secret to locally generate the session symmetric key
6. Now they can talk to each other safely because no one else knows their session symmetric key

If some how along the way a third party is able to get access to the shared secret he will also be able to generate the session symmetric key and decrypt the communication.