On Sat, Sep 07, 2002, Alon Altman wrote about "Web hack tools": > Hi, > I'm looking for two different tools for the purpose of accessing IE-only > websites, and automating access to websites: > > 1. A 'sniffer' for HTTP over SSL. I am looking for a tool I can install on > my LINUX firewall that will intercept an SSL connection, act as if it's > the actual server (I will accept to bad certificate on the client), and > log all communications, similar to a normal sniffer. > Using this tool I can see all requests MSIE sends to the server and the > responses from the server.
Something like http://crypto.stanford.edu/~eujin/sslsniffer/ perhaps? You can also use some sort of generic SSL proxy, say apache+modssl running as a proxy. > 2. A "manual browser" that supports SSL. I need a tool I can tell exactly > what headers to send and what method to use to get what URL, and it > will fetch that URL and show the source. Optional: Detecting forms, Curl works well with SSL, and sounds like it might be exactly what you want. If you have an old version of curl you might want to install one from sources, as curl has been developing quite rapidly in the last couple of years, and I believe SSL support was only added this year (though I don't remember the details). I also believe that recently SSL support was added to wget. But in many respects "wget" is less convenient than Curl for the purposes you describe, if I understand them correctly. Shana Tova to all the list, and hopefully to the whole world! Nadav. -- Nadav Har'El | Saturday, Sep 7 2002, 1 Tishri 5763 [EMAIL PROTECTED] |----------------------------------------- Phone: +972-53-245868, ICQ 13349191 |"God is dead." - Nietzsche; "Nietzsche is http://nadav.harel.org.il |dead" - God ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
