Full Disclosure mailing list archives

Re: Tool for SSL Proxy mitm

From: "M. Shirk" <shirkdog_list () hotmail com>
Date: Tue, 20 May 2008 13:09:27 -0400

I could try to do some API hooking


Good, get on it...

Shirkdog
' or 1=1-- 

http://www.shirkdog.us

Date: Tue, 20 May 2008 12:06:07 -0400
From: fractalg () highspeedweb net
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] Tool for SSL Proxy mitm

Hello,

I'm looking for a SSL proxy to do a mitm against a specific software.
Since there is certificate verification, what I'm thinking is to modify
the program certificates so it can communicate with the proxy and then
have the proxy communicate with the final server with legit identification
grabbed from the program.
My objective is to snoop what is being sent. I could try to do some API
hooking but still not explored this on Mac OS X. Anyone knows some good
reading for hooking on Tiger ?

Thanks,
fG

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_________________________________________________________________
E-mail for the greater good. Join the i’m Initiative from Microsoft.
http://im.live.com/Messenger/IM/Join/Default.aspx?source=EML_WL_ GreaterGood

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Tool for SSL Proxy mitm fG (May 20)
- Re: Tool for SSL Proxy mitm M. Shirk (May 20)
- <Possible follow-ups>
- Re: Tool for SSL Proxy mitm Yann (May 21)