[UPHPU] Network traffic sniffer that would work with SSL?
Mac Newbold
mac at macnewbold.com
Wed Aug 1 10:15:13 MDT 2007
Yesterday at 2:57pm, Kenneth Burgener said:
> >> 3. It would be very advantageous if you could get some examples of
> >> actual (successful) web service call XML code that was passed
> back and
> >> forth. To do this you will need some kind of sniffer software
> for the
> >> socket port that the web service is on.
> >
> >I had this thought, but the traffic is being passed over SSL, so
> >Ethereal would only see encrypted garbage.
>
>> It seems like I remember some tools that will work over SSL. Maybe
> others on the list remember what they are.
>
> Is anyone aware of a packet sniffer that would work with SSL traffic for
> development? I assume it would have to to catch the data before the
> application actually wrapped it in the SSL traffic, or catch the data
> immediately after the data is received an unwrapped. Is that even possible?
It looks like ssldump does what you want, if you've got access to the
right key so it can decrypt it. Looks great for running on a web server,
I'm not sure a client would be able to use it as easily though.
http://www.rtfm.com/ssldump/Ssldump.html
On freebsd it is in /usr/ports/net/ssldump, your distro may vary.
Mac
--
Mac Newbold MNE - Mac Newbold Enterprises, LLC
mac at macnewbold.com http://www.macnewbold.com/
More information about the UPHPU
mailing list