[wplug] I need to "wiretap" an HTTPS connection - how?

Jake S jskiba99 at hotmail.com
Fri Oct 31 14:35:13 EDT 2014 

For something like firefox I'd try firebug (see net tab).  Also if you have access to a windows box Fiddler is a nice proxy.  It *can* mitm your ssl requests with it's own root cert.  I think something like burpsuite or zap would be easy enough to use. It's been a while since I've used either of those.
 
http://getfirebug.com/
 
http://www.telerik.com/fiddler
 
http://portswigger.net/burp/
 
http://code.google.com/p/zaproxy/
 
-Jake
 
 
 
> Date: Fri, 31 Oct 2014 14:26:42 -0400
> From: pat at lectroid.com
> To: wplug at wplug.org
> Subject: Re: [wplug] I need to "wiretap" an HTTPS connection - how?
> 
> No, we don't - the server is operated by a different team than the one 
> I'm working with.  Aside from making SOAP API calls, we have no access 
> to the server itself.  (The server is actually operated by the 
> organization I'm working with, but by a different team - worse comes to 
> worse, we may need to figure out how to get someone on the team that 
> operates the server to dig through server logs for us - but it's a large 
> organization, and the person I'm working with doesn't know or work with 
> any of those folks....)
> 
> --Pat.
> 
> On 10/31/2014 1:59 PM, Chris Thomas wrote:
> > Do you have access to the server's SSL private keys? If so, you can install
> > them into Wireshark and decrypt the encrypted traffic.
> >
> > -Chris
> >
> > On Fri, Oct 31, 2014 at 12:39 PM, Pat Barron <pat at lectroid.com> wrote:
> >
> >> So, long story short...
> >>
> >> I have an application making an HTTPS connection to a URL (for the purpose
> >> of POSTing a SOAP request, though that's probably not relevant per se...).
> >> Before successfully completing the HTTPS request, the remote side is
> >> dropping the connection on me.  I have no idea why.  I'd like to be able to
> >> see what is actually being sent/received on  the connection - though that
> >> is tough, since it is encrypted...
> >>
> >> I have the ability to change the host and URL that is being used, and to
> >> make the application use HTTP instead of HTTPS.  What I have in mind, is to
> >> try to put some kind of proxy between the app and the remote server, so
> >> that the app connects to the proxy using HTTP, and have the proxy connect
> >> on it's behalf to the remote server using HTTPS.  Then I can sniff the
> >> traffic on the unencrypted HTTP connection and get a better idea what is
> >> going on.
> >>
> >> Can anyone suggest a simple proxy I could use for this?
> >>
> >> --Pat.
> >>
> >> _______________________________________________
> >> wplug mailing list
> >> wplug at wplug.org
> >> http://www.wplug.org/mailman/listinfo/wplug
> >>
> > _______________________________________________
> > wplug mailing list
> > wplug at wplug.org
> > http://www.wplug.org/mailman/listinfo/wplug
> 
> 
> _______________________________________________
> wplug mailing list
> wplug at wplug.org
> http://www.wplug.org/mailman/listinfo/wplug

More information about the wplug mailing list