Network Security: Detailed info on RE: Https sniffer

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

RE: Https sniffer

from [Lyal Collins] Network Security

[Permanent Link]

Subject:	RE: Https sniffer
Date:	Wed, 20 Jul 2005 18:51:37 +1000

I've tried ssldump recently but only obtained decrypts with a very
restricted set of SSL parameters - RSA and 3DES in my case.
I don't have the coding skills to approach this in order to resolve the
issues either, sorry.
Your mileage may vary...

Lyal


-----Original Message-----
From: Hugo Fortier [mailto:hfortier@recon.cx] 
Sent: Wednesday, 20 July 2005 1:22 PM
To: Phalak, Kashmira Vijay
Cc: vuln-dev@securityfocus.com; webappsec@securityfocus.com
Subject: Re: Https sniffer


Hi Kashmira,

There is ssldump, it's not a HTTP Analyser but a SSL analyser you can  
find it at http://www.rtfm.com/ssldump/. ssldump will decrypt the  
data if provided with the good private key.

Hugo

On 19-Jul-05, at 8:58 PM, Phalak, Kashmira Vijay wrote:

Hi All,

Does anybody know a good https sniffer which can sniff in promiscuous 
mode? I tried HTTP Analyzer and it works great, but it does not have 
support for promiscuous mode.

Thanks,
Kashmira.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Https sniffer, Phalak, Kashmira Vijay Re: Https sniffer, Hugo Fortier RE: Https sniffer, Lyal Collins <= Re: Https sniffer, Garth Somerville RE: Https sniffer, Asaf Wexler RE: Https sniffer, Phalak, Kashmira Vijay RE: Https sniffer, Garth Somerville Re: Https sniffer, Rogan Dawes Re: Https sniffer, Achim Hoffmann RE: Https sniffer, Erick Lee RE: Https sniffer, Phalak, Kashmira Vijay

Previous by Date:	RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Cyrill Osterwalder
Next by Date:	RE: NTLM HTTP Authentication is insecure by design - a new writeup by Amit Klein, Cyrill Osterwalder
Previous by Thread:	Re: Https sniffer, Hugo Fortier
Next by Thread:	Re: Https sniffer, Garth Somerville
Indexes:	[Date] [Thread] [Top] [All Lists]