Vulnerability Development mailing list archives

Re: Tools to exercise SSL implementation

From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Wed, 3 Oct 2001 18:28:18 -0400 (EDT)

On Wed, 3 Oct 2001, Cushing, David wrote:

Is anyone aware of a tool that will send bogus and/or maliciously
crafted packets to an SSL enabled application?


start with the applications in the OpenSSL distribution. a few exist which
effectively act like an ssl telnet. ISTR it being like "s_client" or
something like that.

there are also some ssl telnet tools. some web searches should help you
out.

no need to reinvent the wheel.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Current thread:

Tools to exercise SSL implementation Cushing, David (Oct 03)
- Re: Tools to exercise SSL implementation Jose Nazario (Oct 03)
- Re: Tools to exercise SSL implementation Mike Murray (Oct 04)
  - Re: Tools to exercise SSL implementation Matthew Franz (Oct 04)