Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Sep 17 17:08
    derOnkel2 opened #257
  • Sep 08 16:13
    sonertari commented #256
  • Sep 08 11:30
    sonertari commented #256
  • Sep 02 09:54
    droe edited #256
  • Sep 02 09:52
    droe edited #256
  • Aug 30 14:49
    letoams opened #256
  • Aug 30 11:39
    droe labeled #255
  • Aug 30 11:39
    droe unlabeled #254
  • Aug 30 11:39
    droe labeled #254
  • Aug 30 11:39
    droe unlabeled #253
  • Aug 30 11:39
    droe labeled #253
  • Aug 30 11:39
    droe unlabeled #252
  • Aug 30 11:39
    droe labeled #252
  • Aug 30 11:39
    droe unlabeled #251
  • Aug 30 11:39
    droe labeled #251
  • Aug 30 11:39
    droe unlabeled #248
  • Aug 30 11:39
    droe labeled #248
  • Aug 30 11:39
    droe unlabeled #247
  • Aug 30 11:39
    droe labeled #247
  • Aug 30 11:39
    droe labeled #246
Pawan
@py2k
Hi
Is there a way in sslsplit through which we can bypass WSS over 443. Slack and a lot other websites are not working correctly
Daniel Roethlisberger
@droe
Which version are you using?
Ah you mean by bypass to not interfer with web sockets
Currently, web sockets is downgraded/prevented, there is currently no way to bypass/passthrough (-P style) web sockets, unless web sockets uses a different port than the HTTPS traffic you want to split
Daniel Roethlisberger
@droe
We do plan to improve websockets support, I would think that #216 will provide what you are looking for
Pawan
@py2k
Yes exactly
Thanks for reference
We will wait for your implementation
krishnakumar11
@krishnakumar11

Hi
I want to use sslsplit on top of fips openssl. I have compiled FIPS openssl shared library and installed them on /usr/local and also exported the LD_LIBRARY_PATH to point to it. So i guess sslsplit with use my compiled openssl?

Now to enable fips mode in it we need to call FIPS_mode_set(1), what would be the best place to put this call in sslsplit so that openssl that it uses runs in fips mode?

schmilwenspire
@schmilwenspire
Hi,
When mirroring is set, how are the TCP source and destination ports selected?
Soner Tari
@sonertari
@schmilwenspire Mirroring sends decrypted packets to the ethernet address of the IPv4 address configured using the -T option. The IPv4 address is used to obtain the MAC address of the target, which should be on the same network with the source interface configured using the -I option. So, since mirroring works at L2, there is no port configuration. Please use tcpdump to monitor or record the packets on the target.
schmilwenspire
@schmilwenspire
Is there a way to set the ports used in the packets that are mirrored, at least I would like them the same as in the original packet
Soner Tari
@sonertari
Src and dst ports are the same as in the original packet, see logpkt_mirror_build() in logpkt.c
schmilwenspire
@schmilwenspire
I'm runnig tcpdump on the mirror port and I see that the server port is 47873 instead of 477, while on the VM where I run client I see that the server port is 477
Soner Tari
@sonertari
Yes, I can confirm the issue you mention, this is a bug. I see that this was introduced sometime in October, because if you can checkout a revision around September 30th, you will see that there is no such a problem. So, @schmilwenspire can you please open an issue on GitHub for this problem, so that it is properly documented and fixed? Thanks for reporting (I am already looking into it for a fix).
Soner Tari
@sonertari
@schmilwenspire Can you try the develop branch? Please report back if my last commit fixes the issue you have reported (it does here).
schmilwenspire
@schmilwenspire
@sonertari I've opened an Issue
schmilwenspire
@schmilwenspire
@sonertari I tested the fixes and now I'm seeing the right ports. Thanks
Mathe Eliel
@elielmathe
Hello, I am new to sslsplit, I am getting this error when I try to set it as proxy "Peeking did not yield a (truncated) ClientHello message, aborting connection"
Here is the command that I used "sslsplit -k ca.key -c ca.crt -D https 0.0.0.0 8000"
Pawan
@py2k
How can we bypass Websockets?
Pawan
@py2k
@droe Are you stopping development? Why have you closed the project roadmap?
Daniel Roethlisberger
@droe
Development has not stopped. The roadmap was closed because we did not meet the sponsoring deadline, so development no longer necessarily focuses on the features h1 requested. But adding e.g. websocket support would still be very valuable, hence the respective issue tickets remains open.
No promises though how active development will be - feel free to contribute to the development