398
edits
Changes
no edit summary
=Cleartext to SSL Tunnel for DyKnow=
One can create a plaintext to SSL proxy with socat, useful for performing a man-in-the-middle attack to study network traffic when there is an SSL-only server, but the client application has a vanilla TCP mode available. To do so, use a variant of the following command, originally used to look at [[DyKnow]]'s traffic to [[gp:Virginia Tech|Virginia Tech]] servers.
<pre>
$ socat tcp4-listen:1337,fork openssl:dyknow.lt.vt.edu:443,cafile=/etc/ssl/certs/GlobalSign_Root_CA.pem
