[gentoo-user] Re: intercept browser traffic
On Apr 12, 2005 1:49 PM, Antoine [EMAIL PROTECTED] wrote: Hi, I am looking for a way to intercept a stream before it gets to my browser, so I can see everything that is being sent to me, and that I send back. Does anyone know know of a tool that will do this for me? Cheers Antoine btw, it is in https, but seeing as it is my browser I want to spy on, isn't that OK? ;-) Antoine -- G System, The Evolving GUniverse - http://www.g-system.at -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Re: intercept browser traffic
Hi, On Tue, 12 Apr 2005 14:23:58 +0200 Antoine [EMAIL PROTECTED] wrote: btw, it is in https, but seeing as it is my browser I want to spy on, isn't that OK? technically, it is not. You could intercept network traffic at the link level and even simulate the remote host and its correct address but you'd need to gain the key and cert of the remote server to make your solution fully transparent. Usually, you don't have the key. If it's not intended to be fully transparent, it's no problem to use any custom certificate for that or even do https only from proxy to remote server and use plain http to the proxy. Simple network sniffers won't work here, the traffic would be encrypted. Seems that ssldump can do the fully transparent decryption of ssl connections. For the proxy-solution with a new certificate have a look at the famous dsniff package and read about webmitm. This will be of interest: http://monkey.org/~dugsong/dsniff/faq.html#How%20do%20I%20sniff%20/%20hijack%20HTTPS%20/%20SSH%20connections HWH -- gentoo-user@gentoo.org mailing list