witch program for intercept https traffic

Started by cybercontrol, March 28, 2013, 11:33:10 PM

Previous topic - Next topic


Good evening, what software you can 'be used to decrypt https traffic ?
I can ask for courtesy on windows What software  I can use ?

I have downloaded this file( Link Download down on the page )  http://www.komodia.com/sniffer  is a DDL
Is virus ? what is it ?  Thank you so mutch


You can use sslstrip to sniff https traffic, actually it catches for conversion of http to https. You have to do a man in the middle attack
Avoid the Gates of Hell. Use Linux. :P


sslstrip, also ettercap if your target accept the fake certificate, or if you are into a scenario that allow you to set up a transparent proxy mallory is a good choise!
una voce libera รจ sempre liberatrice


When i tested out ssltrip with easy-creds on BB3 i am able to grab creds from all my accounts, PayPal, Gmail, etc. when going to the sites from my Android.  However, when testing from my lappy, Google Chrome, can't do it.  Let me know if you have any ideas, been googling... 



Maybe it is because of my dd-wrt router etc but i have totally failed at anything MITM lately, plus, i hammer my network with any settings for arp poison, i've tried and tried.  I've also loaded up other pen test distros, even reaver pro custom, same deal, tried every script i could find, before i got the dd-wrt i could grab any creds with easy-creds or do it all from cli, so, i'm screwed on my network for now, which, i guess is a good thing, but, gonna lay off of it, focus on wireshark and sniffing.  See what i can break there.  Sorry about my "moment" on the channel everyone, sometimes, i freak myself out, a total ass.  Try to be good.  I love BB.  I gotta lay off the "self sabotage" crap i guess.  So, thanx for being more grown up and adult than i act at times.  Sincerely, rod