sslsplit
sslsplit copied to clipboard
droe
Transparent SSL/TLS interception
It should be noted that I captured packets through tcpdump on the server running sslsplit and found no client Hello message. All message information is as follows:  [root@localhost mythos]#...
I found such error ``` Error from src bufferevent: 0:- 337092801:193:no shared cipher:20:SSL routines:378:tls_post_process_client_hello Additional SSL error: 1:1:(null):0:(null):0:(null) ``` Is this a bug ? or I just not configured something...
This implements `-i` on Linux, as per long-standing open issue #61. Commit represents sslsplit-0.5.3-linux-pid-privsep.patch submitted by e-mail message . The patch author did not verify thread-safety of privsep_client* functions, need...
Hi, thanks for this wonderful project. Following several recent issues, it seems that the current passthrough implementation cannot work with apps that implement pinning, since it only operates once the...
I will get following error message, when I try using sni. ``` sslsplit -D -l connections.log -j /tmp/sslsplit/ -S /tmp/sslsplit/logdir/ -c /tmp/sslsplit/ca.crt -k /tmp/sslsplit/ca.key -W /tmp/sslsplit/gendir/ -P https 0.0.0.0 8443...
[root@c240-wzp2322007 ~]# curl -v -x -x 172.29.148.11:10025 --key /root/ca.key -cert --tlsv1.2 /root/ca.crt https://172.22.254.126 * About to connect() to proxy 172.29.148.11 port 8443 (#0) * Trying 172.29.148.11... * Connected to 172.29.148.11...
Currently the openssl security level is set to 0 when making and receiving proxied connections, but ca and client certificates specified in config are pre-loaded using a temporary ssl context...
Description of '-a pemfile' and '-A pemfile' are incorrectly mixed together: > -a pemfile > Use client certificate from pemfile when destination server re‐ > quests a client certificate. -A...
Some items from #220 - add to -r and -R config options to require/prohibit - fallback to TLSv1.2 when source connection is missing SNI (it is required in TLSv1.3)
This feature adds possibility of HTTP content filtering. It uses JSON format for configuration file. User can pass or drop URLs, methods and content-type (for response only). Example of configuration:...
