Re: Reverse engineering program protocol under ssl

http://www.rtfm.com/ssldump/ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL

RE: Reverse engineering program protocol under ssl

From: Peter Sylvester http://www.rtfm.com/ssldump/ Thank you for your reply Peter, Unfortunately I already looked into this, and found that I would need the server keys. All I have is the client application, and a production server that it communicates back to. Thanks again, Kenny --

RE: Reverse engineering program protocol under ssl

From: Charles B Cranston MacDermid, Kenny wrote: I'm looking to locally reverse engineer a network protocol that's encrypted using ssl. Another method would be to use a man-in-the-middle attack on a third machine, but that machine would need access to the private key of the

Re: Reverse engineering program protocol under ssl

On Wed, Nov 24, 2004, MacDermid, Kenny wrote: From: Charles B Cranston MacDermid, Kenny wrote: I'm looking to locally reverse engineer a network protocol that's encrypted using ssl. Another method would be to use a man-in-the-middle attack on a third machine, but that machine

RE: Reverse engineering program protocol under ssl

in openssl/apps/s_client;c you find: if (c_debug) { con-debug=1; BIO_set_callback(sbio,bio_dump_cb); BIO_set_callback_arg(sbio,bio_c_out); } if (c_msg) {

Re: Reverse engineering program protocol under ssl

You're quite welcome. I'm sure the journalling-DLL approach would work just as well. Just for information, if you have administrative access to the server and it is based on Windows, you might be able to save the certificate and key as a .pfx file, then use the OpenSSL pkcs12 command to extract

RE: Reverse engineering program protocol under ssl

From: MacDermid, Kenny Sent: Wednesday, November 24, 2004 8:33 AM To: [EMAIL PROTECTED] Subject: RE: Reverse engineering program protocol under ssl From: Peter Sylvester http://www.rtfm.com/ssldump/ Thank you for your reply Peter, Unfortunately I already looked

Re: Reverse engineering program protocol under ssl

Actually, I'm trying to do this very thing. I had not heard of ssldump and now I'm kicking myself. You should definitely use this ssldump thing. What I was eventually going to do, which you could do also, is find out what address is the call to SSL_verify or whatever that checks the

RE: Reverse engineering program protocol under ssl

From: Charles B Cranston MacDermid, Kenny wrote: I'm looking to locally reverse engineer a network protocol that's encrypted using ssl. Another method would be to use a man-in-the-middle attack on a third machine, but that machine would need access to the private key of the

Re: Reverse engineering program protocol under ssl

MacDermid, Kenny wrote: I'm looking to locally reverse engineer a network protocol that's encrypted using ssl. The program runs under windows and is using ssl dll's. I'm currently trying to work out the easiest solution, and am looking for suggestions. I'm considering either trying to wrap the