Discussion:
looking for a HTTPS redirect server
(too old to reply)
Frederic Charpentier
2005-05-20 14:20:57 UTC
Permalink
Hi Rajeev;
the solution is "Stunnel" at http://www.stunnel.org/download/

stunnel -c -d 127.0.0.1:80 -r your-https-server:443

your-scanner-program 127.0.0.1 80

If your tool is too aggressive, stunnel will fall down.

Fred.
i am looking for a HTTPS redirect tool, not a proxy.
i need to test a web based application, it communicates via port 443
only and doesnot have option of specifying the proxy server, only server
ip address can be given.
i want a redirect tool that will accept connections on ssl and forward
it to the web server, it should itself act like a web server not a proxy
server.
i could have achived it via Cain arp posioning but i need to edit the
data also
anybody know of such tool?
thanks,
rajeev
--
Frederic Charpentier - Xmco Partners
Security Consulting / Pentest
web : http://www.xmcopartners.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Todd Towles
2005-05-20 14:23:36 UTC
Permalink
So you want a SSL MITM attack program? Any port redirector can redirect
the encrypted traffic, but how you are going to edit the traffic without
a proxy setup?
-----Original Message-----
Of Rajeev Kapoor
Sent: Friday, May 20, 2005 9:13 AM
Subject: [Full-disclosure] looking for a HTTPS redirect server
i am looking for a HTTPS redirect tool, not a proxy.
i need to test a web based application, it communicates via
port 443 only and doesnot have option of specifying the proxy
server, only server ip address can be given.
i want a redirect tool that will accept connections on ssl
and forward it to the web server, it should itself act like a
web server not a proxy server.
i could have achived it via Cain arp posioning but i need to
edit the data also anybody know of such tool?
thanks,
rajeev
________________________________
Yahoo! Mail
Stay connected, organized, and protected. Take the tour
<http://tour.mail.yahoo.com/mailtour.html>
Rajeev Kapoor
2005-05-20 14:29:55 UTC
Permalink
when i say it i am not looking for a proxy server i
mean that the attack tool should not act like a Proxy
Server but a web server. its a ssl mitm attack but
only thing is that attack tool is not a proxy but a
web server that is acting as a redirect tool.
i guess fedric solution will do the job.

thanks,
rajeev
Post by Todd Towles
So you want a SSL MITM attack program? Any port
redirector can redirect
the encrypted traffic, but how you are going to edit
the traffic without
a proxy setup?
-----Original Message-----
On Behalf
Of Rajeev Kapoor
Sent: Friday, May 20, 2005 9:13 AM
Subject: [Full-disclosure] looking for a HTTPS
redirect server
i am looking for a HTTPS redirect tool, not a
proxy.
i need to test a web based application, it
communicates via
port 443 only and doesnot have option of
specifying the proxy
server, only server ip address can be given.
i want a redirect tool that will accept
connections on ssl
and forward it to the web server, it should itself
act like a
web server not a proxy server.
i could have achived it via Cain arp posioning but
i need to
edit the data also anybody know of such tool?
thanks,
rajeev
________________________________
Yahoo! Mail
Stay connected, organized, and protected. Take the
tour
<http://tour.mail.yahoo.com/mailtour.html>
_______________________________________________
Full-Disclosure - We believe in it.
http://lists.grok.org.uk/full-disclosure-charter.html
Post by Todd Towles
Hosted and sponsored by Secunia -
http://secunia.com/>
_______________________________________________
Post by Todd Towles
Full-Disclosure - We believe in it.
http://lists.grok.org.uk/full-disclosure-charter.html
Post by Todd Towles
Hosted and sponsored by Secunia -
http://secunia.com/


__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Gaurav Kumar
2005-05-20 14:38:46 UTC
Permalink
wait.. fedric solution is not gonna work...beacuse the client is a
thick application and only allows ip address of the web server to be
entered, there is no option i can change ssl port 443 also.

in short,

the client send HTTPS request directly to the webserver, and the
client doesnt allow to change anything other than server address.

how do i edit these https requests?

thanks,
rajeev
Post by Rajeev Kapoor
when i say it i am not looking for a proxy server i
mean that the attack tool should not act like a Proxy
Server but a web server. its a ssl mitm attack but
only thing is that attack tool is not a proxy but a
web server that is acting as a redirect tool.
i guess fedric solution will do the job.
thanks,
rajeev
Post by Todd Towles
So you want a SSL MITM attack program? Any port
redirector can redirect
the encrypted traffic, but how you are going to edit
the traffic without
a proxy setup?
-----Original Message-----
On Behalf
Of Rajeev Kapoor
Sent: Friday, May 20, 2005 9:13 AM
Subject: [Full-disclosure] looking for a HTTPS
redirect server
i am looking for a HTTPS redirect tool, not a
proxy.
i need to test a web based application, it
communicates via
port 443 only and doesnot have option of
specifying the proxy
server, only server ip address can be given.
i want a redirect tool that will accept
connections on ssl
and forward it to the web server, it should itself
act like a
web server not a proxy server.
i could have achived it via Cain arp posioning but
i need to
edit the data also anybody know of such tool?
thanks,
rajeev
________________________________
Yahoo! Mail
Stay connected, organized, and protected. Take the
tour
<http://tour.mail.yahoo.com/mailtour.html>
_______________________________________________
Full-Disclosure - We believe in it.
http://lists.grok.org.uk/full-disclosure-charter.html
Post by Todd Towles
Hosted and sponsored by Secunia -
http://secunia.com/>
_______________________________________________
Post by Todd Towles
Full-Disclosure - We believe in it.
http://lists.grok.org.uk/full-disclosure-charter.html
Post by Todd Towles
Hosted and sponsored by Secunia -
http://secunia.com/
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Gaurav Kumar
2005-05-20 14:40:38 UTC
Permalink
i am working on the same project, so sharing email address.
Post by Gaurav Kumar
wait.. fedric solution is not gonna work...beacuse the client is a
thick application and only allows ip address of the web server to be
entered, there is no option i can change ssl port 443 also.
in short,
the client send HTTPS request directly to the webserver, and the
client doesnt allow to change anything other than server address.
how do i edit these https requests?
thanks,
rajeev
Post by Rajeev Kapoor
when i say it i am not looking for a proxy server i
mean that the attack tool should not act like a Proxy
Server but a web server. its a ssl mitm attack but
only thing is that attack tool is not a proxy but a
web server that is acting as a redirect tool.
i guess fedric solution will do the job.
thanks,
rajeev
Post by Todd Towles
So you want a SSL MITM attack program? Any port
redirector can redirect
the encrypted traffic, but how you are going to edit
the traffic without
a proxy setup?
-----Original Message-----
On Behalf
Of Rajeev Kapoor
Sent: Friday, May 20, 2005 9:13 AM
Subject: [Full-disclosure] looking for a HTTPS
redirect server
i am looking for a HTTPS redirect tool, not a
proxy.
i need to test a web based application, it
communicates via
port 443 only and doesnot have option of
specifying the proxy
server, only server ip address can be given.
i want a redirect tool that will accept
connections on ssl
and forward it to the web server, it should itself
act like a
web server not a proxy server.
i could have achived it via Cain arp posioning but
i need to
edit the data also anybody know of such tool?
thanks,
rajeev
________________________________
Yahoo! Mail
Stay connected, organized, and protected. Take the
tour
<http://tour.mail.yahoo.com/mailtour.html>
_______________________________________________
Full-Disclosure - We believe in it.
http://lists.grok.org.uk/full-disclosure-charter.html
Post by Todd Towles
Hosted and sponsored by Secunia -
http://secunia.com/>
_______________________________________________
Post by Todd Towles
Full-Disclosure - We believe in it.
http://lists.grok.org.uk/full-disclosure-charter.html
Post by Todd Towles
Hosted and sponsored by Secunia -
http://secunia.com/
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
V***@vt.edu
2005-05-20 14:53:26 UTC
Permalink
Post by Gaurav Kumar
wait.. fedric solution is not gonna work...beacuse the client is a
thick application and only allows ip address of the web server to be
entered, there is no option i can change ssl port 443 also.
in short,
the client send HTTPS request directly to the webserver, and the
client doesnt allow to change anything other than server address.
So do this instead:

stunnel -c -d 127.0.0.1:443 -r your-https-server:443

your-scanner-program 127.0.0.1 443

Change the 2 80s to 443s. ;)

Or use a second tunnel (ssh, whatever) to connect the 80 to the 443.

Probably can do this with iptables if you're on a Linuxoid box too..
Vincent Archer
2005-05-20 14:57:00 UTC
Permalink
Post by Gaurav Kumar
wait.. fedric solution is not gonna work...beacuse the client is a
thick application and only allows ip address of the web server to be
entered, there is no option i can change ssl port 443 also.
in short,
the client send HTTPS request directly to the webserver, and the
client doesnt allow to change anything other than server address.
how do i edit these https requests?
You don't need to. A simple TCP redirector should do the job, listening
on port 443 on whatever IP you can use, which forwards everything to
the real server.

You have about 90% chances of it working. What fails is if there are
replies from the web server that include URL to connect to, and those
specify the web server. If so, the odds are that your client application
will try to connect to the server directly, bypassing the connection.

Our product at DenyAll does what you want out of the box (full MITM, with
rewriting of URI), but it might be a bit overboard for what you want.

You can probably tinker an basic apache server with proxy mode enabled,
and use it as a reverse proxy (the apache server acts as a normal server,
but forwards some or all requests to one or more different servers instead
of serving them on its own).

Then, your application can be a bit "more than HTML", and merely use the
HTTP protocol as a conduit for its own protocol. That category of
applications often fails because it assumes that the client always speaks
directly to the server, without any alteration to content, connection and
timing, and sometimes this assumption fails. If that's the case, you're
out of luck.
--
Vincent ARCHER
***@denyall.com

Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Eric Paynter
2005-05-20 17:14:05 UTC
Permalink
Post by Gaurav Kumar
wait.. fedric solution is not gonna work...beacuse the client is a
thick application and only allows ip address of the web server to be
entered, there is no option i can change ssl port 443 also.
in short,
the client send HTTPS request directly to the webserver, and the
client doesnt allow to change anything other than server address.
how do i edit these https requests?
If you just want to relay the request to a different port or IP address,
maybe a netcat relay will work?

-Eric

--
arctic bears - email and dns services
http://www.arcticbears.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Loading...