On Mon, 24 May 2004 14:14:42 +0000 yo8stl <[EMAIL PROTECTED]> wrote: > On Saturday 22 May 2004 11:10, Cristian Mirea wrote: > > Nu e vorba de decriptare, mai de graba de o pacaleala. Cand ai fost > > intrebatde acceptarea certificatului ai observat despre ce > > certificat era vorba? > Cred ca certificatul era ok...insa daca avea omul ssldump probabil ca > asa a aflat parola: http://www.rtfm.com/ssldump/ >
Ba nu. Citat din linkul tau: ssldump is an SSLv3/TLS network protocol analyzer. It identifies TCP connections on the chosen network interface and attempts to interpret them as SSLv3/TLS traffic. When it identifies SSLv3/TLS traffic, it decodes the records and displays them in a textual form to stdout. atentie mare acum: If provided with the appropriate keying material, it will also decrypt the connections and display the application data traffic. Deci nu se putea ca nu avea key, care era pe server. Asa cum am zis, Cain (snifferul) genera el certificate fake si se interpunea intre client si server. -- Mihai Voica --- Detalii despre listele noastre de mail: http://www.lug.ro/
