Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

sslsniff(1) [debian man page]

SSLSNIFF(1)						      General Commands Manual						       SSLSNIFF(1)

NAME
sslsniff - SSL/TLS man-in-the-middle attack tool SYNOPSIS
sslsniff [options] DESCRIPTION
This manual page documents briefly the sslsniff command. sslsniff is designed to create man-in-the-middle (MITM) attacks for SSL/TLS connections, and dynamically generates certs for the domains that are being accessed on the fly. The new certificates are constructed in a certificate chain that is signed by any certificate that is provided. sslsniff also supports other attacks like null-prefix or OCSP attacks to achieve silent interceptions of connections when possible. OPTIONS
Modes: -a Authority mode. Specify a certificate that will act as a CA. -t Targeted mode. Specify a directory full of certificates to target. Required options: -c <file|directory> File containing CA cert/key (authority mode) or directory containing a collection of certs/keys (targeted mode) -s <port> Port to listen on for SSL interception. -w <file> File to log to Optional options: -u <updateLocation> Location of any Firefox XML update files. -m <certificateChain> Location of any intermediary certificates. -h <port> Port to listen on for HTTP interception (required for fingerprinting). -f <ff,ie,safari,opera> Only intercept requests from the specified browser(s). -d Deny OCSP requests for our certificates. -p Only log HTTP POSTs -e <url> Intercept Mozilla Addon Updates -j <sha256> The sha256sum value of the addon to inject NOTES
sslsniff works only on the FORWARD traffic (not on INPUT or OUTPUT). EXAMPLES
To intercept traffic on port 8443, start sslsniff on a local port: sslsniff -a -c /usr/share/sslsniff/certs/wildcard -s 4433 -w /tmp/sslsniff.log and redirect traffic to this port using the iptables nat table: iptables -t nat -A PREROUTING -p tcp --destination-port 8443 -j REDIRECT --to-ports 4433 AUTHOR
sslsniff was written by Moxie Marlinspike. This manual page was written by Pierre Chifflier <pollux@debian.org>, for the Debian project (and may be used by others). August 16, 2009 SSLSNIFF(1)

Check Out this Related Man Page

UPDATE-CA-CERTIFICATES(8)				      System Manager's Manual					 UPDATE-CA-CERTIFICATES(8)

NAME
update-ca-certificates - update system CA certificates SYNOPSIS
update-ca-certificates [options] DESCRIPTION
update-ca-certificates updates the directory /etc/ssl/certs to hold SSL certificates and generates /etc/ssl/ca-bundle.pem, a concatenated single-file list of certificates. It reads the file /etc/ca-certificates.conf. Each line gives a pathname of a CA certificate under /usr/share/ca-certificates that should be trusted. Lines that begin with "#" are comment lines and thus ignored. Lines that begin with "!" are deselected, causing the deactivation of the CA certificate in question. All certificates are implicitly trusted if no trusted certificates are listed. Furthermore all certificates found below /usr/local/share/ca-certificates are also included as implicitly trusted. After populating /etc/ssl/certs update-ca-certificates invokes custom hooks in /usr/lib/ca-certificates/update.d/*.run and /etc/ca-certifi- cates/update.d/*.run. The command line options used for invoking update-ca-certificates are passed to the hooks as well. OPTIONS
A summary of options is included below. -h, --help Show summary of options. -v, --verbose Be verbose. Output c_rehash. -f, --fresh Fresh updates. Removes symlinks in /etc/ssl/certs directory and re-creates them from scratch. FILES
/etc/ca-certificates.conf A configuration file. /etc/ssl/ca-bundle.pem A single-file version of all CA certificates. Use of this file is deprecated and should only be used as last resort by applications that cannot parse the /etc/ssl/certs directory. /usr/share/ca-certificates Directory of CA certificates. /usr/local/share/ca-certificates Directory of local CA certificates. SEE ALSO
c_rehash(1), AUTHOR
This manual page was written by Fumitoshi UKAI <ukai@debian.or.jp>, for the Debian project and modified by Ludwig Nussel <ludwig.nus- sel@suse.de>. 27 April 2010 UPDATE-CA-CERTIFICATES(8)
Man Page