Difference between revisions of "Socat"
(Undo revision 1490 by [[Special:Contributions/imported>Pew|imported>Pew]] ([[User talk:imported>Pew|talk]])) (Tag: Undo) |
|||
| Line 1: | Line 1: | ||
| − | Socat is a commandline network tool akin to [[netcat]]. It supports SSL, IPv6 and several more protocols. It can come in handy when attempting to sniff traffic that has to speak SSL because setting up a cleartext to SSL proxy is relatively straightforward. | + | Socat is a commandline network tool akin to [[w:netcat|w:netcat]]. It supports SSL, IPv6 and several more protocols. It can come in handy when attempting to sniff traffic that has to speak SSL because setting up a cleartext to SSL proxy is relatively straightforward. |
=TCP to STDIN= | =TCP to STDIN= | ||
Revision as of 02:39, 4 January 2019
Socat is a commandline network tool akin to w:netcat. It supports SSL, IPv6 and several more protocols. It can come in handy when attempting to sniff traffic that has to speak SSL because setting up a cleartext to SSL proxy is relatively straightforward.
TCP to STDIN
To create a classic TCP listening daemon, similar to netcat -l, use a variation of the following command.
$ socat TCP-LISTEN:8080 stdout
Cleartext to SSL Tunnel for DyKnow
One can create a plaintext to SSL proxy with socat, useful for performing a man-in-the-middle attack to study network traffic when there is an SSL-only server, but the client application has a vanilla TCP mode available. To do so, use a variant of the following command, originally used to look at DyKnow's traffic to Virginia Tech servers.
$ socat tcp4-listen:1337,fork openssl:dyknow.lt.vt.edu:443,cafile=/etc/ssl/certs/GlobalSign_Root_CA.pem
