I have a standard MongoDB SSL environment where the mongo wire protocol is encrypted with SSL/TLS using RSA keys. I have packet captures of communication between the MongoDB server and a client taken via tcpdump. I have ownership of the certificates involved in the encryption.
I have a capture of the handshake, and DHE / ECDHE / PFS is not at play in this scenario.
How can I decrypt the information in the existing packet captures to inspect the contents of the mongo wire protocol portion of the packets?
You almost certainly can’t because of forward secrecy.
MongoDB, for some reason, has a hardcoded SSL cipher list of HIGH:!EXPORT:!aNULL@STRENGTH. What this results in depends on the version of OpenSSL it was built against, but on a modern system will result in ciphers that use forward secrecy being preferred over those that don’t.
You can see the generated cipher list on the target system with:
openssl ciphers -v 'HIGH:!EXPORT:!aNULL@STRENGTH'
When the SSL/TLS connection uses forward secrecy, it is impossible to decrypt the session, even if you have the SSL certificate private key. This is the whole point of forward secrecy; it prevents past sessions from being decrypted even if an attacker (whether it be you or a criminal or the NSA) gains control of your private key.
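To read the cipher list command's output with the forward-secrecy question in mind, the following added example (not part of the original answer) groups suites by their Kx= key-exchange field. The function names and the sample lines are constructed for illustration; the sample follows the column layout printed by openssl ciphers -v.

```shell
#!/bin/sh
# Added example: classify `openssl ciphers -v` lines by key exchange (Kx=).
#   Kx=RSA          -> the premaster secret is encrypted to the server key, so a
#                      capture can be decrypted later with that private key.
#   Kx=DH/ECDH/any  -> ephemeral key agreement (forward secrecy); the certificate
#                      private key alone does not recover the session keys.
#                      "any" is how OpenSSL lists TLS 1.3 suites.
#   anything else   -> reported as "other" (PSK, static DH on old builds, ...).

# Constructed sample in the layout printed by `openssl ciphers -v`.
sample_cipher_list() {
cat <<'EOF'
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH       Au=RSA  Enc=AESGCM(256) Mac=AEAD
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
EOF
}

# Reads cipher lines on stdin, prints "<class> <suite>" for each line.
classify_ciphers() {
    awk '{
        kx = "unknown"
        for (i = 1; i <= NF; i++) if ($i ~ /^Kx=/) kx = substr($i, 4)
        if (kx == "RSA") cls = "rsa-kx"
        else if (kx == "DH" || kx == "ECDH" || kx == "any") cls = "forward-secret"
        else cls = "other"
        print cls, $1
    }'
}

# Class of the first (most preferred) suite in the list on stdin.
preferred_class() {
    classify_ciphers | awk 'NR == 1 { print $1 }'
}

# Number of suites on stdin that fall into class $1.
count_class() {
    classify_ciphers | awk -v c="$1" '$1 == c { n++ } END { print n + 0 }'
}

# Stand-alone run: classify the constructed sample.
sample_cipher_list | classify_ciphers
```

On the target system, pipe the real list into the same function: openssl ciphers -v 'HIGH:!EXPORT:!aNULL@STRENGTH' | classify_ciphers. The list only shows what the server offers and in what order; the suite actually negotiated is the one named in the ServerHello of the captured handshake.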
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.