From: Haroon Meer (haroon@sensepost.com)
Date: Tue May 24 2005 - 02:51:29 EDT
Hi..
You can achieve the SSL relay using sslproxy or stunnel.
You client is still going to get an SSL-error pop-up but im guessing you
are ok with that..
To edit the stream before passing it to the server (assuming the server
is also SSL) you are going to need to string together a few ssl
proxies/stunnels on your own machine.. so you have
--- request --> (443) your-sslproxy[ssl to clear-text] --> (80) your
ssl-proxy[clear text to ssl] --> (443) original-server
This way the request/response will pass through your port 80 in the
clear and you can use tools like net-sed to edit the stream..
/mh
Rajeev Kapoor wrote:
> i am looking for a HTTPS redirect tool, not a proxy.
>
> i need to test a web based application, it
> communicates via port 443
> only and doesnot have option of specifying the proxy
> server, only server
> ip address can be given.
> i want a redirect tool that will accept connections on
> ssl and forward
> it to the web server, it should itself act like a web
> server not a
> proxy server.
>
> i could have achived it via Cain arp posioning but i
> need to edit the
> data also
> anybody know of such tool?
> thanks,
> rajeev
>
>
>
> Discover Yahoo!
> Find restaurants, movies, travel and more fun for the weekend. Check it out!
> http://discover.yahoo.com/weekend.html
>
-- ====================================================================== Haroon Meer MH SensePost Information Security +27 83786 6637 PGP : http://www.sensepost.com/pgp/haroon.txt haroon@sensepost.com ======================================================================
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:21 EDT