Penetration Testing mailing list archives

Re: Stunnel Problems

From: Joerg Over <over () dexia de>
Date: Fri, 07 Dec 2001 11:56:00 +0100

Hi!

At 00:13 07.12.01 -0000 you wrote:
---8<----------------snip
->I am attempting to access a Web Server sat behind Netscape (NetCache?) 3.5
->proxy. Here is what I am doing.
->
->stunnel -c -d 80 -r <remotehost>:443
->and point a browser on local host to 80.
---8<----------------snip

I might be entirely wrong, but maybe depending on _how_ you point your
browser, it might not try to encrypt in the first place.

I'd think, that pointing like:
http://localhost/

might not even try encryption, while

https://localhost:80/

might trick the browser into it.

Just a shot in the blue, and sorry if I didn't understand the site specific
part (that looked like it might have been an entirely different access
method, using a browser directly resp. using s_client without stunnel; if
not, I'm wrong, of course)


jo

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Writing to Windows Security Log Tina Bird (Dec 05)
- Stunnel Problems Stuart (Dec 06)
  - Re: Stunnel Problems Joerg Over (Dec 10)
  - RE: Stunnel Problems Bugtraq (Dec 10)
- Raptor Firewall Stuart (Dec 06)
  - Re: Raptor Firewall H D Moore (Dec 10)
  - Re: Raptor Firewall Alex Butcher (pentest) (Dec 10)
  - Re: Raptor Firewall Mike Shaw (Dec 10)
  - Re: Raptor Firewall Erik Parker (Dec 10)
- <Possible follow-ups>
- Re: Writing to Windows Security Log Tina Bird (Dec 06)
  - Re: Writing to Windows Security Log Adrien de Beaupre (Dec 10)
- RE: Writing to Windows Security Log Brass, Phil (ISS Atlanta) (Dec 10)