Hi list, I have been searching for a way to intercept/inspect SSL communications for software diagnosing and auditing purposes. I have managed to intercept HTTP connections with HTTP proxy software (like WebScarab), but I can not find a general purpose program which enables me to intercept any protocol in a general way. That is why I was thinking to implement a proxy in a style similar to s_server piped to an s_client, then make the communication flow through this proxy (via iptables for example). This would enable me to: - tamper certificates, in order to see if the application realizes the certificate has been changed - force SSL/TLS version and cipher specifications - dump cleartext traffic - dump the Master key negotiated with server (which would enable me, for example, to record a conversation on the wire with Wireshark, then use the master key to decrypt it)
First of all, I would like to know if you know of an existent tool which already does this (of course!). And if the response is negative, I would like to receive your coding tips, warnings, pitfalls, etc. Do you think this could be an interesting contribution? Thanks a lot! -- Jordi Giménez
