lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <e4ce4c44050520073863adee34@mail.gmail.com>
Date: Fri May 20 15:38:53 2005
From: gkverma at gmail.com (Gaurav Kumar)
Subject: FW: looking for a HTTPS redirect server

wait.. fedric solution is not gonna work...beacuse the client is a
thick application and only allows ip address of the web server to be
entered, there is no option i can change ssl port 443 also.

in short,

the client send HTTPS request directly to the webserver, and the
client doesnt allow to change anything other than server address.

how do i edit these https requests?

thanks,
rajeev

On 5/20/05, Rajeev Kapoor <raj_kap99@...oo.com> wrote:
> when i say it i am not looking for a proxy server i
> mean that the attack tool should not act like a Proxy
> Server but a web server. its a ssl mitm attack but
> only thing is that attack tool is not a proxy but a
> web server that is acting as a redirect tool.
> i guess fedric solution will do the job.
> 
> thanks,
> rajeev
> 
> 
> --- Todd Towles <toddtowles@...okshires.com> wrote:
> 
> > So you want a SSL MITM attack program? Any port
> > redirector can redirect
> > the encrypted traffic, but how you are going to edit
> > the traffic without
> > a proxy setup?
> >
> > > -----Original Message-----
> > > From: full-disclosure-bounces@...ts.grok.org.uk
> > > [mailto:full-disclosure-bounces@...ts.grok.org.uk]
> > On Behalf
> > > Of Rajeev Kapoor
> > > Sent: Friday, May 20, 2005 9:13 AM
> > > To: full-disclosure@...ts.grok.org.uk
> > > Subject: [Full-disclosure] looking for a HTTPS
> > redirect server
> > >
> > > i am looking for a HTTPS redirect tool, not a
> > proxy.
> > >
> > > i need to test a web based application, it
> > communicates via
> > > port 443 only and doesnot have option of
> > specifying the proxy
> > > server, only server ip address can be given.
> > > i want a redirect tool that will accept
> > connections on ssl
> > > and forward it to the web server, it should itself
> > act like a
> > > web server not a proxy server.
> > >
> > > i could have achived it via Cain arp posioning but
> > i need to
> > > edit the data also anybody know of such tool?
> > > thanks,
> > > rajeev
> > >
> > >
> > >
> > > ________________________________
> > >
> > > Yahoo! Mail
> > > Stay connected, organized, and protected. Take the
> > tour
> > > <http://tour.mail.yahoo.com/mailtour.html>
> > >
> > > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter:
> >
> http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia -
> http://secunia.com/>
> _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter:
> >
> http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia -
> http://secunia.com/
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ