| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Feb 14 17:03:44 2006 From: feiginml at gmail.com (Eli Feigin) Subject: Interception of SSL 3 communication I am trying to perform a man in the middle attack on a local client application. The application client (VB application) uses a client side certificate located on a smart card (GEMPLUS) to encrypt co communication with the server (Java servlet). All I know is that the application accesses a url like this: https:// www.thesite.com via SSL 3. I don't have the source of the client code, but I would like to view/alter the communication in some way. When the card is inserted IE is able to view the certificate, and export it in several formats. I tried Paros to intercept the communication but I couldn't meet its certificate requirements. Thanks to anyone who can help me intercept the communication. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060214/d0a0156f/attachment.html
Powered by blists - more mailing lists