Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: FW: looking for a HTTPS redirect server
From: Gaurav Kumar <gkverma () gmail com>
Date: Fri, 20 May 2005 20:08:46 +0530

wait.. fedric solution is not gonna work...beacuse the client is a
thick application and only allows ip address of the web server to be
entered, there is no option i can change ssl port 443 also.

in short,

the client send HTTPS request directly to the webserver, and the
client doesnt allow to change anything other than server address.

how do i edit these https requests?

thanks,
rajeev

On 5/20/05, Rajeev Kapoor <raj_kap99 () yahoo com> wrote:
when i say it i am not looking for a proxy server i
mean that the attack tool should not act like a Proxy
Server but a web server. its a ssl mitm attack but
only thing is that attack tool is not a proxy but a
web server that is acting as a redirect tool.
i guess fedric solution will do the job.

thanks,
rajeev


--- Todd Towles <toddtowles () brookshires com> wrote:

So you want a SSL MITM attack program? Any port
redirector can redirect
the encrypted traffic, but how you are going to edit
the traffic without
a proxy setup?

-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk]
On Behalf
Of Rajeev Kapoor
Sent: Friday, May 20, 2005 9:13 AM
To: full-disclosure () lists grok org uk
Subject: [Full-disclosure] looking for a HTTPS
redirect server

i am looking for a HTTPS redirect tool, not a
proxy.

i need to test a web based application, it
communicates via
port 443 only and doesnot have option of
specifying the proxy
server, only server ip address can be given.
i want a redirect tool that will accept
connections on ssl
and forward it to the web server, it should itself
act like a
web server not a proxy server.

i could have achived it via Cain arp posioning but
i need to
edit the data also anybody know of such tool?
thanks,
rajeev



________________________________

Yahoo! Mail
Stay connected, organized, and protected. Take the
tour
<http://tour.mail.yahoo.com/mailtour.html>

_______________________________________________
Full-Disclosure - We believe in it.
Charter:

http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
http://secunia.com/>
_______________________________________________
Full-Disclosure - We believe in it.
Charter:

http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia -
http://secunia.com/


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]