Difference between revisions of "Socat"
imported>Pew |
|||
(5 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | + | Socat is a commandline network tool akin to [[w:netcat|netcat]]. It supports SSL, IPv6 and several more protocols. It can come in handy when attempting to sniff traffic that has to speak SSL because setting up a cleartext to SSL proxy is relatively straightforward. | |
− | |||
− | Socat is a commandline network tool akin to [[netcat]]. It supports SSL, IPv6 and several more protocols. It can come in handy when attempting to sniff traffic that has to speak SSL because setting up a cleartext to SSL proxy is relatively straightforward. | ||
=TCP to STDIN= | =TCP to STDIN= | ||
Line 10: | Line 8: | ||
=Cleartext to SSL Tunnel for DyKnow= | =Cleartext to SSL Tunnel for DyKnow= | ||
− | One can create a plaintext to SSL proxy with socat, useful for performing a man-in-the-middle attack to study network traffic when there is an SSL-only server, but the client application has a vanilla TCP mode available. To do so, use a variant of the following command, originally used to look at [[DyKnow]]'s traffic to [[Virginia Tech]] servers. | + | One can create a plaintext to SSL proxy with socat, useful for performing a man-in-the-middle attack to study network traffic when there is an SSL-only server, but the client application has a vanilla TCP mode available. To do so, use a variant of the following command, originally used to look at [[DyKnow]]'s traffic to [[gp:Virginia Tech|Virginia Tech]] servers. |
<pre> | <pre> | ||
$ socat tcp4-listen:1337,fork openssl:dyknow.lt.vt.edu:443,cafile=/etc/ssl/certs/GlobalSign_Root_CA.pem | $ socat tcp4-listen:1337,fork openssl:dyknow.lt.vt.edu:443,cafile=/etc/ssl/certs/GlobalSign_Root_CA.pem | ||
</pre> | </pre> | ||
− | [[Category: | + | [[Category:Software]] |
[[Category:Howtos]] | [[Category:Howtos]] | ||
− | |||
− | |||
− | |||
− |
Latest revision as of 02:40, 4 January 2019
Socat is a commandline network tool akin to netcat. It supports SSL, IPv6 and several more protocols. It can come in handy when attempting to sniff traffic that has to speak SSL because setting up a cleartext to SSL proxy is relatively straightforward.
TCP to STDIN
To create a classic TCP listening daemon, similar to netcat -l
, use a variation of the following command.
$ socat TCP-LISTEN:8080 stdout
Cleartext to SSL Tunnel for DyKnow
One can create a plaintext to SSL proxy with socat, useful for performing a man-in-the-middle attack to study network traffic when there is an SSL-only server, but the client application has a vanilla TCP mode available. To do so, use a variant of the following command, originally used to look at DyKnow's traffic to Virginia Tech servers.
$ socat tcp4-listen:1337,fork openssl:dyknow.lt.vt.edu:443,cafile=/etc/ssl/certs/GlobalSign_Root_CA.pem