<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Re: Tools to exercise SSL implementation

Re: Tools to exercise SSL implementation

From: Jose Nazario <jose_at_biocserver.BIOC.cwru.edu>
Date: Wed, 3 Oct 2001 18:28:18 -0400 (EDT)

On Wed, 3 Oct 2001, Cushing, David wrote:

> Is anyone aware of a tool that will send bogus and/or maliciously
> crafted packets to an SSL enabled application?

start with the applications in the OpenSSL distribution. a few exist which
effectively act like an ssl telnet. ISTR it being like "s_client" or
something like that.

there are also some ssl telnet tools. some web searches should help you
out.

no need to reinvent the wheel.

____________________________
jose nazario jose_at_cwru.edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
Received on Oct 03 2001

This message: [ Message body ]
Next message: Crist J. Clark: "Re: Possible syslogd DoS ?"
Previous message: Cushing, David: "Tools to exercise SSL implementation"
In reply to: Cushing, David: "Tools to exercise SSL implementation"
Next in thread: Mike Murray: "Re: Tools to exercise SSL implementation"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos