adi003user Posted December 29, 2010 Report Share Posted December 29, 2010 LittleBlackBox is a collection of thousands of private SSL keys extracted from various embedded devices. These private keys are stored in a database where they are correlated with their public SSL certificates as well as the hardware/firmware that are known to use those SSL keys.A command line utility is included to aid in the identification of devices or network traffic that use these known private keys. Given a public SSL certificate, the utility will search the database to see if it has a corresponding private key; if so, the private key is displayed and can be used for traffic decryption or MITM attacks. Alternatively, it will also display a table of hardware and firmware that is known to use that private key.The utility can obtain a public certificate several different ways:You may give it the path to a public certificate file.You may give it the SHA1 hash of a public certificate.Given a host, it will retrieve the host's public SSL certificate.Given a pcap file, it will parse the file looking for public certificate exchanges.Given a live network interface, it will listen for public certificate exchanges.http://code.google.com/p/littleblackbox/ Quote Link to comment Share on other sites More sharing options...
