Re: [Full-disclosure] Tool for SSL Proxy mitm

[Yann <yann_eads@xxxxxxxx>]

If you're looking for an HTTPS proxy, Charles may help you :
http://www.charlesproxy.com/


I think (can't verify since this URL is blocked by my company proxy) it also 
works on Mac OS.

 
> -----Message d'origine-----
> De : full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-
> bounces@xxxxxxxxxxxxxxxxx] De la part de fG
> Envoyé : mardi 20 mai 2008 18:06
> À : full-disclosure@xxxxxxxxxxxxxxxxx
> Objet : [Full-disclosure] Tool for SSL Proxy
mitm
> 
> Hello,
> 
> I'm looking for a SSL proxy to do a mitm against a
specific software..
> Since there is certificate verification, what I'm
thinking is to modify
> the program certificates so it can communicate with
the proxy and then
> have the proxy communicate with the final server
with legit identification
> grabbed from the program.
> My objective is to snoop what is being sent. I could
try to do some API
> hooking but still not explored this on Mac OS X.
Anyone knows some good
> reading for hooking on Tiger ?
> 
> Thanks,
> fG
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia -
http://secunia.com/

__________________________________________________
Do You Yahoo!?
En finir avec le spam? Yahoo! Mail vous offre la meilleure protection possible 
contre les messages non sollicités 
http://mail.yahoo.fr Yahoo! Mail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/