[nzlug] HTTPS proxy
Jim Cheetham
jim at gonzul.net
Wed Mar 14 15:05:57 NZDT 2007
Well, you can't decrypt SSL transactions unless you have a copy of the
server certificates at least.
Which end of the conversation do you control? The server, or the PC
with the applet?
If its the server, just run lots of debug logging from the web server.
If its the client, I don't think you'll be able to divert the
conversation to HTTP anyhow; but perhaps you could systrace the
application (especially easy if the applet were running on Linux). You
won't be able to see the requests on the network, but you might be
able to see them in memory.
Of course, as I understand things, this sort of reverse engineering is
illegal in some jurisdictions. IANAL, and the lawyers I do know won't
answer this sort of thing directly :-)
More information about the NZLUG
mailing list