SSL Server needs access to raw HTTP data (Request for adivce)
Richard Powell
crypto at hackhawk.net
Sat Jan 13 22:03:18 EST 2007
Hello,
I was hoping someone on this list could provide me with a link to a tool
that would enable me to dump the raw HTTP data from a web request that
uses SSL/HTTPS. I have full access to the server, but not to the
client, and I want to know exactly/precisely what the client is
transmitting.
I've considered a few options, including....
eg... using apache_request_header() from php
Need to have php installed as module, which I don't.
Also, not sure it would give me the complete RAW stream that I want
and didn't want to waste my time installing a test server if it
wasn't going to fully work.
eg... tried using "openssl s_server -accept 443 -WWW -debug -msg
This option didn't seem to display/dump the raw HTTP stream.
I could not locate an option that would enable seeing this
information.
I've been searching google for hours for some sort of tool to no avail.
If I don't find a reasonable/quick option, my next solution is going to
be to hack the s_server.c file from openssl and add the necessary
statements to dump the desired stream. I'm not too excited about this
option, but I suppose if that's the best option I have, then so be
it. :)
Thanks in advance for any advice.
Richard
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list