>
> > From: Charles B Cranston
> >
> > MacDermid, Kenny wrote:
> > > I'm looking to locally reverse engineer a network protocol
> > > that's encrypted using ssl.
> >
> > Another method would be to use a man-in-the-middle attack on
> > a third machine, but that machine would need access to the
> >
Actually, I'm trying to do this very thing. I had not heard of ssldump
and now I'm kicking myself. You should definitely use this ssldump
thing. What I was eventually going to do, which you could do also, is
find out what address is the call to SSL_verify or whatever that checks
the integrit
> From: MacDermid, Kenny
> Sent: Wednesday, November 24, 2004 8:33 AM
> To: [EMAIL PROTECTED]
> Subject: RE: Reverse engineering program protocol under ssl
>
>
> > From: Peter Sylvester
> >
> > http://www.rtfm.com/ssldump/
>
> Thank you for your
You're quite welcome. I'm sure the journalling-DLL approach
would work just as well. Just for information, if you have
administrative access to the server and it is based on Windows,
you might be able to save the certificate and key as a .pfx file,
then use the OpenSSL pkcs12 command to extract t
in openssl/apps/s_client;c you find:
if (c_debug)
{
con->debug=1;
BIO_set_callback(sbio,bio_dump_cb);
BIO_set_callback_arg(sbio,bio_c_out);
}
if (c_msg)
{
SSL_set_msg_ca
On Wed, Nov 24, 2004, MacDermid, Kenny wrote:
> > From: Charles B Cranston
> >
> > MacDermid, Kenny wrote:
> > > I'm looking to locally reverse engineer a network protocol
> > > that's encrypted using ssl.
> >
> > Another method would be to use a man-in-the-middle attack on
> > a third machine,
> From: Charles B Cranston
>
> MacDermid, Kenny wrote:
> > I'm looking to locally reverse engineer a network protocol
> > that's encrypted using ssl.
>
> Another method would be to use a man-in-the-middle attack on
> a third machine, but that machine would need access to the
> private key of th
> From: Peter Sylvester
>
> http://www.rtfm.com/ssldump/
Thank you for your reply Peter,
Unfortunately I already looked into this, and found that I would need the
server keys. All I have is the client application, and a production
server that it communicates back to.
Thanks again,
Kenny
-
http://www.rtfm.com/ssldump/
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTE
MacDermid, Kenny wrote:
I'm looking to locally reverse engineer a network protocol
> that's encrypted using ssl. The program runs under windows and
> is using ssl dll's. I'm currently trying to work out the easiest
solution, and am looking for suggestions.
I'm considering either trying to wrap the
Hello all,
I'm looking to locally reverse engineer a network protocol that's encrypted
using ssl. The program runs under windows and is using ssl dll's. I'm currently
trying to work out the easiest solution, and am looking for suggestions.
I'm considering either trying to wrap the dll's to read
11 matches
Mail list logo
