1

I'm getting bit helpless with this. I need a tool that can perform MITM on any chosen SSL stream from localhost to remotehost (not just HTTPS!). Searching for such application seems to be pretty difficult task because all apps seems to follow this trend: SSL==HTTPS. My application trusts the certificate so that's not an issue. For HTTPS I use Proxifier + Charles Debugging Proxy. However Charles can capture only HTTPS, not binary SSL crypted data.

How do I imagine the flow of data. In best case: Application->MITM_PROXY->Server Or: Application->Proxifier->MITM_PROXY->Server

I think only one working so far was this combination: SSLSplit on virtualized Linux + virtualized Windows with the application and default gateway set to that linux. Which is as you can imagine very inconvenient. Also the SSLSplit logs both recv and send into one file, which can be problematic with binary stream (I could deal with it I guess).

Any advices?

Schnappi
  • 125
  • 2
  • 10
  • 2
    perhaps you should ask on [Server Fault](http://serverfault.com/). The admin guys may be able to make some recommendations for you. Some might even run those appliances at their site. – jww Aug 06 '14 at 17:11
  • Well, "Server Fault" is for enterprise projects. I need this for my own "home" purposes. – Schnappi Aug 11 '14 at 20:11

2 Answers2

0

You could also use sslsplit -L to log to a single log file or named pipe and use a simple script to parse the log format used by SSLsplit, extracting the binary payload and do whatever you like with it. -L uses log headers for each logged segment. SSLsplit comes with a simple python module for parsing its log files in extra/logreader.py.

Daniel Roethlisberger
  • 6,958
  • 2
  • 41
  • 59
-2

I know its a rather old question (4 months), but as it still has not been answered i'll give it a shot and leave a direction for future searches.

Have you tried Cain&Abel or stunnel?

user4151285
  • 1