Skip to content
SSL man-in-the-middle tool targeting iOS devices < 4.3.5
Python
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
cacerts initial commit Aug 2, 2011
logs
.tld_set
README
SSL_Certificate_CN2.py
color.py Stolen from https://github.com/SecurusGlobal/Abrupt Aug 24, 2011
iSniff.py Added colours Aug 24, 2011
tldextract.py

README

iSniff.py [updated release 2011-08-25]

SSL man-in-the-middle tool inspired by Moxie Marlinspike's sslsniff 0.8

Successfully tested against iOS < 4.3.5 devices vulnerable to CVE-2011-0228 
basic constraints validation issue (see http://support.apple.com/kb/HT4824)
discovered by Gregor Kopf / Paul Kehrer

Written by hubert(a)pentest.com / @hubert3

Redirect SSL traffic from NAT'd clients to iSniff as follows:

iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-ports 2000

Linux/iptables is currently required for iSniff to determine the intended destination
of redirected traffic and generate working certs. Other platforms are not supported.

Any certificate trusted by iOS can be used as signing_cert - The example config below
uses an APNS cert extracted from an iPhone using 'nimble' (tool and cert not included). 
The certificate chain constructed with this config is similar to the one presented at 
https://issl.recurity.com. Website certs issued by other trusted CAs such as Verisign, 
Startcom, Comodo etc. also work.

Tested on Debian GNU/Linux 6.0 (kernel 2.6.32-5-686, Python 2.6.6)
Packages required: python-m2crypto
You can’t perform that action at this time.