Simple as telnet
Gadgets Authentication Crypto ENV HTTP Regex Regex 2 Robots Snarfs SSL Stepper	Once you have OpenSSL built, opening an SSL connection to a server is as easy as the telnet technique we tried in the HTTP Gadget. The big difference is that you get a whole lot more back in the response. openssl s_client -connect server1000:443 But opening an SSL connection on a server and making a GET request doesn't do much, after awhile. OpenSSL lets you get a close look at the server's certificate, but what you really want to do is perform an SSL POST. After all, POST-ing to forms is most likely where you'll need SSL most. For starters, you can try forming the post exactly as you would when telnetting to port 80. But this can be tedious, so what we need is easily modifiable code that performs a secure post for us, just as Sneaky Pete made a standard post. To do that, we need to step back and build a gadget in the C language that performs a standard non-secure POST. Then we'll modify it to call the appropriate OpenSSL functions to do it over an SSL socket. << Back  Next >>
	Home | Gadgets | Code | Links | Reads | Contact Copyright © 1999, 2001, 2002 by John H. Byrd All rights reserved.