From the Linux and Unix Users Group at Virginia Teck Wiki
imported>Pew |
imported>Pew |
| Line 1: |
Line 1: |
| − | TODO: Move to software page
| + | [[Category:Pending deletion]] |
| − | | |
| − | Socat is a commandline network tool akin to [[netcat]]. It supports SSL, IPv6 and several more protocols. It can come in handy when attempting to sniff traffic that has to speak SSL because setting up a cleartext to SSL proxy is relatively straightforward.
| |
| − | | |
| − | =TCP to STDIN=
| |
| − | To create a classic TCP listening daemon, similar to <code>netcat -l</code>, use a variation of the following command.
| |
| − | <pre>
| |
| − | $ socat TCP-LISTEN:8080 stdout
| |
| − | </pre>
| |
| − | | |
| − | =Cleartext to SSL Tunnel for DyKnow=
| |
| − | One can create a plaintext to SSL proxy with socat, useful for performing a man-in-the-middle attack to study network traffic when there is an SSL-only server, but the client application has a vanilla TCP mode available. To do so, use a variant of the following command, originally used to look at [[DyKnow]]'s traffic to [[Virginia Tech]] servers.
| |
| − | <pre>
| |
| − | $ socat tcp4-listen:1337,fork openssl:dyknow.lt.vt.edu:443,cafile=/etc/ssl/certs/GlobalSign_Root_CA.pem
| |
| − | </pre>
| |
| − | | |
| − | [[Category:Needs restoration]] | |
Revision as of 04:01, 4 January 2018
