Wireshark-users: Re: [Wireshark-users] SSL Spoofing

From: Sake Blok <sake@xxxxxxxxxx>
Date: Tue, 7 Sep 2010 15:29:16 +0200
On 7 sep 2010, at 15:03, Mr. Gecko wrote:

> I need to spoof SSL to do testing on my stuff, I do not have access to the certificate of the site, but I can add to my machine a certificate authority that I own, meaning I can create certificates for the site I need to access, but the problem would be that I would need to spoof the SSL so it uses my certs and the only way I can think of doing that is having some application to talk back to the real server and re-encrypt the data and send it back to the browser like a proxy. Does anyone know of a application that could do this? I was thinking that Wireshark may be able to do this as it's a tool that most people uses for packet capturing. I am not trying to hack someone or steal people's passwords, I'm just am needing this for debugging my software and finding out new things that I can do to make my software better. I also plan to do some reverse engineering to a website only application and make it a real application as I hate web apps.

Have a look at  Fiddler : http://www.fiddler2.com/fiddler2/

Cheers,


Sake