Penetration Testing mailing list archives
SSL MITM not on port 443
From: christopher.riley () r-it at
Date: Wed, 27 Aug 2008 13:32:32 +0200
I've come across a problem in a pentest that I'm working on right now that I thought the members of the list might be able to assist me with. I'm working with a propriatary software (written in C++) that communicates on a high port number using HTTPS. I'm trying to test to see if the software can be fooled into accepting a false certificate and then traffic decoded into clear text. So far I've tried Ettercap, webmitm and CAIN without much luck. The closest I can get is Ettercap capturing the communication, however it doesn't offer a forged certificate and all captured traffic is still encrypted using the normal server certificate. Not much of a MITM attack. I've confirmed that Ettercap works as advertised against a couple of sites in Internet Explorer and all seems to work normally. Does anybody know of a way to force Ettercap to perform an SSL mitm even though the port isn't associated with HTTPS ? or maybe you can suggest a better tool for the job ? I can control where the application looks for the server, so I can divert it through some kind of forwarding proxy if needed ? Thanks, Chris Riley ---------------------------------------- Raiffeisen Informatik GmbH, Firmenbuchnr. 88239p, Handelsgericht Wien, DVR 0486809, UID ATU 16351908 Der Austausch von Nachrichten mit oben angefuehrtem Absender via E-Mail dient ausschliesslich Informationszwecken. Rechtsgeschaeftliche Erklaerungen duerfen ueber dieses Medium nicht ausgetauscht werden. Correspondence with above mentioned sender via e-mail is only for information purposes. This medium may not be used for exchange of legally-binding communications. ---------------------------------------- ------------------------------------------------------------------------ This list is sponsored by: Cenzic Top 5 Common Mistakes in Securing Web Applications Get 45 Min Video and PPT Slides www.cenzic.com/landing/securityfocus/hackinar ------------------------------------------------------------------------
Current thread:
- SSL MITM not on port 443 christopher . riley (Aug 27)
- RE: SSL MITM not on port 443 Robbie Gill (Aug 27)
- Re: SSL MITM not on port 443 James Matthews (Aug 27)
- RE: SSL MITM not on port 443 christopher . riley (Aug 28)
- Re: SSL MITM not on port 443 Roman Fulop (Aug 28)
- Re: SSL MITM not on port 443 Ahmad Taha (Aug 28)
- RE: SSL MITM not on port 443 Shenk, Jerry A (Aug 29)
- RE: SSL MITM not on port 443 christopher . riley (Aug 29)
- RE: SSL MITM not on port 443 Frank Knobbe (Aug 30)
- RE: SSL MITM not on port 443 Robbie Gill (Aug 27)