Daniel Roethlisberger
droe

Organizations

@CIRCL @switch-ch
Apr 27, 2016
droe commented on issue droe/sslsplit#135
@droe

The trick is that in plain SSL mode (ssl), sslstrip does not parse HTTP and thus does not remove "harmful" headers like Alternate-Protocols: or eve…

Apr 26, 2016
droe commented on issue droe/sslsplit#135
@droe

Try using "https 0.0.0.0 8443" instead of "ssl 0.0.0.0 8443", does it help?

Apr 24, 2016
droe commented on issue droe/sslsplit#135
@droe

Can you post an example log illustrating the problem along with configuration details and the output of sslsplit -V?

Apr 21, 2016
droe commented on issue droe/sslsplit#131
@droe

Makes sense, I moved your suggestion to a separate issue.

Apr 21, 2016
droe opened issue droe/sslsplit#134
@droe
Log connection-related errors to content and connect logs
Apr 21, 2016
droe commented on issue droe/sslsplit#131
@droe

Note that your choice of CA certificate algorithms may be an issue too (use of obsolete algorithms or keysizes).

Apr 21, 2016
droe closed issue droe/sslsplit#131
@droe
OpenSSL error from bufferevent: tlsv1 alert unknown ca
Apr 21, 2016
droe commented on issue droe/sslsplit#131
@droe

HSTS can be the reason for a client to reject a connection with that alert message. You can try to flush the HSTS cache and make sure the device is…

Apr 19, 2016
droe commented on issue droe/sslsplit#126
@droe

I moved the idea of copying the client's cipher suites into the server connection to a separate issue in order to keep this issue scoped on moderni…

Apr 19, 2016
droe opened issue droe/sslsplit#133
@droe
Use client-requested cipher suites for server connection and support anonymous suites
Apr 19, 2016
droe opened issue droe/sslsplit#132
@droe
Add connection ID to per-connection log entries
Apr 19, 2016
droe commented on issue droe/sslsplit#131
@droe

Yes, with client-side debug log I mean the application and/or the OS that is initiating the SSL connection that you are intercepting, so either the…

Apr 19, 2016
droe pushed to develop at droe/sslsplit
@droe
Apr 19, 2016
droe pushed to develop at droe/sslsplit
@droe
  • @droe ac1d440
    Reorder status flags by purpose
Apr 19, 2016
droe commented on issue droe/sslsplit#131
@droe

I committed 1d267e6 to develop in order to indicate which bufferevent (src or dst) is receiving an error. It should show the above error as a src b…

Apr 19, 2016
droe pushed to develop at droe/sslsplit
@droe
  • @droe 1d267e6
    Indicate src or dst for bufferevent errors
Apr 19, 2016
droe commented on issue droe/sslsplit#131
@droe

For some reason your client is sending a TLSv1 alert "unknown ca" (TLS alert code 48, always fatal) instead of completing the handshake. Why it doe…

Apr 17, 2016
droe commented on issue droe/sslsplit#129
@droe

No concerns except for the not human readable raw logs produced by sslsplit; postprocessing can fix that. To answer your question: the raison d'etr…

Apr 7, 2016
droe commented on issue droe/sslsplit#129
@droe

Also, can you be more specific on the «problems for some misbehaving web servers» that you mention?

Apr 7, 2016
droe closed issue droe/sslsplit#125
@droe
SSLsplit forwarding traffic to localhost instead of remote host
Apr 7, 2016
droe commented on issue droe/sslsplit#125
@droe

Assuming not a bug in SSLsplit and closing issue. Feel free to follow up if you have more information (answers to the above questions, network capt…

Apr 4, 2016
droe closed issue droe/sslsplit#130
@droe
Can we modify sslsplit to socks5 proxy?
Apr 4, 2016
droe commented on issue droe/sslsplit#130
@droe

Duplicate of #94, closing this ticket, please move discussion there.

Apr 4, 2016
droe commented on issue droe/sslsplit#129
@droe

SSLsplit is transparent in that it doesn't operate as a proxy configured in the client (browser) but instead intercepts regular connections from th…

Mar 30, 2016
droe closed issue droe/sslsplit#128
@droe
How do you know when a connection ended?
Mar 30, 2016
droe commented on issue droe/sslsplit#128
@droe

Implemented, testing welcome.

Mar 30, 2016
droe pushed to develop at droe/sslsplit
@droe
  • @droe 0cb5a02
    Update sample log parsing scripts to handle EOF
Mar 30, 2016
droe pushed to develop at droe/sslsplit
@droe
Mar 30, 2016
droe pushed to develop at droe/sslsplit
@droe
  • @droe 2b80f25
    Perform SSL shutdown for autossl upgraded connections
Mar 30, 2016
droe pushed to develop at droe/sslsplit
@droe