A Referendum Form on Backhand Steroids (Decrypting the Schmoog)

I thought maybe I try and tell how this study has been performed. I.e. the (usual) workflow. All my programs are primitive at this time.

The best approach a modestly advanced reader (of some kind of Unix) or very advanced Windoze user recommended is get the analysis for yourself, from files that you can get by starting with only:
dump_180505_0342_gdO.pcap
dump_180505_0342_gdO_SSLKEYLOGFILE.txt
Screen_180505_0342_gdO.webm

If you run it correctly (or if you figure it out (or if you modify it to work for you)), you should get the same files that I provided here (for those still interested, but not advanced enough).

( Maybe later or elsewhere on the title, if at all, here technical stuff. )

So, the workflow. I fire up

uncenz

and start an (always separate/standalone) session online. The files I get, I copy into a separate directory, and run dump_perl_repl.sh (from that linked uncenz) for a (minimal) anonymization.

Then I run:
$ PCAPs-work-prep.sh dump_180505_0342_gdO.pcap
( which script is from the program:
workPCAPs ).

That tailor-creates for me a file
PCAPs-work.sh
which I run right there. And that script runs, in the right way and in the right order main scripts (and some other) from programs:

tshark-streams

stream-cont

tshark-hosts-conv

which did the work that I present here.

Then I am able to analyze all the data, decrypted and stored mostly in:
dump_180505_0342_gdO_tHostsConv
dump_180505_0342_gdO_tStreams
with uncenz-2nd (from the program listed first further above). Once you download the bunch, make a symlink:
$ ln -s Screen_180505_0342_gdO.webm Screen_180505_0342_gdO.mkv
so you can analyze all data, not so little info being always in the screencast too.

And I don't invent hot water there. With uncenz-2nd I use Wireshark a lot for my analysis from this stage.

---

The last addition to my toolbox of programs (above listed) is the stream-cont.pl (from the listed program stream-cont), and with it I'm much closer than ever to figuring out more secrets of the internet.

stream-cont makes extracting (most) files from my tshark-streams extracted streams more comfortable than I have been able to ever before accomplish. Just enter, in your own, or in the downloaded dump_180505_0342_gdO_tStreams, and execute:

$ sensible-editor -p $(ls -1 *.gz|sed 's/\.gz//')

You get all the files that the Schmoog gzipped (for faster/cleaner transport) and stowed in SSL-encrypted TCP-streams! No, I'm not (and won't be so soon, if ever) a JavaScript expert, but those are certainly top-notch surveillor programs, no doubt about it...

And that's the fruit of my primitive debugging of the old Chaosreader (that can't --well, at least at this time-- work HTTPS) and using the right fraction of its code to create my stream-cont.

The thing is, you get those gunzipped files (with the sensible-editor run above) just as the Schmoog made them. SSL being the veritable witness, as that gentleman certainly (most usually) is.

And isn't it crazy, how much stuff that world's top unofficial spy agency delivers on whoever accesses it. So much related to the title.

With the open hand they give you apparently (no one denies) useful service. With the work most users just aren't capable of seeing at all, kind of as with the movement of the hand outside the scope of the eyes of your mind, you are their product.

I suggest to any thinking reader: don't do that. Don't use that octopus, and don't make others have to use it if you don't have to. E.g., as for the search engine, and this is not a paid ad, I just respect them, the DuckDuckGo are getting good enough replacement for most things you could need Google for... And they are privacy friendly!...

And for forms like this... Why do you have to sell me to Google to just get a few pieces of data of mine, for the love of God?

Ah...

Also bear in mind that my browser Palemoon (a better fork of Firefox) is protected with NoScript, UBlock0 and Decentraleyes, so it's even worse on an run-of-the-mill browser. It's tentacles of that octopus in your system...

Pls. see: ../cap-180220-PaleMoon-uBlock0/ about that.

Don't miss to look up how little is really needed for a working form, and without Schmoog the spies, at:

../cap-180504-no-IstanbulC/

---

By uncenz:

dump_180505_0342_gdO.pcap

---

WARNING: Familiarity with and use of some Unix-like OS such as GNU/Linux or BSD, (or being able to use Cygwin on Windows but I haven't tested that yet) is required to be able to follow.

Most of the original files of this section are produced with my (primitive) set of scripts:

uncenz.

Notice there are different scripts there, some I use for minimal anonymization of the dumps (dump_perl_repl.sh). Ah, and another could be useful for downloading, instead of of click-downloading each file in a list (dump_dLo.sh). If not downloading uncenz, you can get it directly: https://raw.githubusercontent.com/miroR/uncenz/master/dump_dLo.sh or later version if that looks too old.

For analysis/stream extraction I often use my modest and lacking in good programming practices, but doing what I created them for, scripts:

tshark-hosts-conv

and:

tshark-streams.

as well as:

workPCAPs which can run tshark-streams and tshark-hosts-conv
( and from May 2018 also stream-cont.pl from program

stream-cont )

on (a lot) of PCAP(s) (usually) non-interactively.

Readers are advised to try and analyze the traffic dumps for themselves, with the above programs (I also try to offer some educational usefulness to them). There would anyway be too little point posting all the streams and the listings that those would produce. I usually post just the ones among that produce which are crucial for the discussion in question.

And just another one thing: I post lots of command lines and snippets of scripts. Be aware that some of those are in HTML, so before using them, check that they correspond to what the page shows, and of course, report (find miro.rovis or such at the front page of www.croatiafidelie.hr) back to me the typoes and errors if you find any.

The files necessary for this study are listed in:

ls-1

dump_180505_0342_gdO.pcap
Screen_180505_0342_gdO.webm
dump_180505_0342_gdO_SSLKEYLOGFILE.txt

and verify to: ls-1.sum signed by: ls-1.sum.asc

And that is all you need to be able follow this (actually) tutorial page. But if you're not advanced enough (some scripts would need modifications on some OSes or even some flavors of GNU/Linux like mine), here's what my programs get out of the PCAP and with the SSL-keys log given above (well the stream-cont is fresh from my mind, some noise there in dump_180505_0342_gdO_tStreams, but you'll figure and delete the noise):

ls-1Rest

It's a lot to download... Of course, still a breeze with my dump_dLo.sh indicated above. Would be madness otherwise, just like extracting one by one the Google javascripts above... Pls. also make sure you got the short list above downloaded too. And place all in one same dir then. Actually "dump_dlo.sh ls-1" first and then (if you checked it: "cd ..") and "dump_dlo.sh ls-1Rest" should get it right for you. (Unfortunately, you'll also be downloading maybe three or so symlinks, but it's just extra work, no harm. One more note in bottom.)

dump_180505_0342_gdO_tHostsConv.log
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_255.255.255.255.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_172.217.20.97-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_216.58.205.174-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_151.21.208.74-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/.tshark-hosts-conv_non-interactive
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_172.217.20.97.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_172.217.20.110-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_151.21.208.74.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_69.195.158.197.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_69.195.158.197-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO.hosts
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_172.217.20.106-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_172.217.20.110.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO.conv-ip
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_216.58.205.174.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO.hosts-worked-ls-1
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_93.136.8.116-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_172.217.23.36.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_93.136.8.116.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_172.217.20.106.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_216.58.205.163.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_172.217.23.36-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_216.58.205.163-frame-http-request-full_uri.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_SSLKEYLOGFILE.txt
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_94.177.171.127.pcap
dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO.POST
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.part_03.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s017.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_02.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003-ssl.part_03
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.part_04
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s013.part_03.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s005.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012-ssl.part_02.png
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s010-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_02
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_05
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003-ssl.part_03.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s004.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s021.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s000.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s020.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s009.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s004.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s000-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s018.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_03
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_02
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s018-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s002.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012-ssl.part_03.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s015-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s002-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_02.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_streams.ls-1
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s016.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s011.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s019-ssl.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s019.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s013.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s018-ssl.part_02.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_03.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s005-ssl.part_03.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s019-ssl.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s002.part_02.xml
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s011-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s019.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s015.part_03.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_06.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s000-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s007-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s018-ssl.part_02
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s013-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_07.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s021-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s018.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s020.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s020-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s016-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_02.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s008.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s020-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s011-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s011-ssl.part_02.png
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s011.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s001.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s011-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s017.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s007-ssl.part_02.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s008.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s017.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s013-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s004-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s016.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s004.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s017.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s002-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s021-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s014.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s007.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s009.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_05
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s020-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s020-ssl.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s014.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s007.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_07
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s009.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_03
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_04.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s005-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003-ssl.part_02
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012-ssl.part_03
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s019-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s000-ssl.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s010-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_03.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s016.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s009-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s010-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s007-ssl.part_02
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s015.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_05.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s015-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_04
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s014-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s001-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s001-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_03
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.part_02
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s008.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_05.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s013.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s013.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_04
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003-ssl.part_02.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s015.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s004.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.part_03
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s010.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s009-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s001.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s000-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s019.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s001.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s001.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s019-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s002.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s004-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s017-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s015.part_02.xml
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s008-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s010-ssl.part_02.jpeg
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s021.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s014.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s014.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s008-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s012-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s000.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s018-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s017-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO.pcap
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s005.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s016-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_02
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s020.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s010.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_05
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_04.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s005-ssl.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s019-ssl.part_03.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s008-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s014-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s007-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s018.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s007-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s021.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s013.part_02.xml
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_03.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s005-ssl.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s011.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_04
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s002.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s005-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.part_04.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s008-ssl.part_02.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s015.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s005.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s022-ssl.part_04.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s003-ssl.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s000.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s018-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s016.part_01.data
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_01.empty
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_SSLKEYLOGFILE.txt
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s010.bin
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s006-ssl.part_02.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s024-ssl.part_06
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s023-ssl.part_05.gz
dump_180505_0342_gdO_tStreams/dump_180505_0342_gdO_s007.part_01.empty
PCAPs-work.sh

and verify to: ls-1Rest.sum signed by: ls-1Rest.sum.asc

NOTE: with dump_dLo.sh of the version of uncenz of the time you are likely to get "sha256sum: WARNING: 1 listed file could not be read". But it's there, only in its dir instead of in top dir... do this:

$ mv -vi dump_180505_0342_gdO_tHostsConv/dump_180505_0342_gdO_tHostsConv.log . 

(note the ".") and all is fine.

But maybe I've successfully fixed that in this afternoon's uncenz...