Hooking the Https encryption

[Usopp]

Hi

I would like to know what DLL function deals with the Https encryption so i can hook it.

I used to hook the send() function from ws2_32.dll and filter data, but with and Https connexion data are encrypted, then i need to hook the encrypting function. Where is it? What is name?

[Marc G]

What are you trying to accomplish?

[Usopp]

I'am trying to filter some words.

i used to hook the send() function from ws2_32.dll but it does not work with a https connexion since data are crypted

[Usopp]

nobody?

[Usopp]

please
need help

[Lindley]

Generally things that encrypt data are intending to prevent you from seeing what it is. Most of us aren't inclined to help anyone bypass such measures without more of an explanation.

[Usopp]

Generally things that encrypt data are intending to prevent you from seeing what it is. Most of us aren't inclined to help anyone bypass such measures without more of an explanation.

I yet explained what i was trying to do twice....

I need to make an appli which replace a given word by another one.
I used to hook the send() function and it was working great, but i recently noticied that it does not work when it comes to Https.

where is the evil in me hooking a crypting Https function on my computer ??

[Chris_F]

where is the evil in me hooking a crypting Https function on my computer ??

On your computer? I suppose none.

On someone Else's computer? Unquantifiable.

Therein lies the problem.

[Usopp]

On your computer? I suppose none.

On someone Else's computer? Unquantifiable.

Therein lies the problem.

Cant see how you can allow yourself to take part in a discussion to call someone a malicious or a robber

by the way i'am totally sure you dont have any clues about how resolving this issue.

[OReubens]

TBH, there's nothing "wrong" in the question, getting to a point where you could even get code to execute hooking already means you've managed to get into controlling every aspect of the machine.

If you'ld done a little bit of work, you would have figured out on your own that what you need is CAPI or the Crypto API, or in the case of Vista and later CNG (CAPI next generation).

What you ask isn't going to work however. The crypto uses a PRK. And you don't have the decryption key.

[S_M_A]

Cant see how you can allow yourself to take part in a discussion to call someone a malicious or a robber

Even if you have nothing but good intentions keep in mind that this site is public. If a solution to your issue is posted it's also usable for all and everyone with malicious intents.

Posting some pissed off comments won't do you any good either, this site is populated with grown up peoples that actually do get a good night's sleep even though some stranger on the net post bad stuff.

[Usopp]

Even if you have nothing but good intentions keep in mind that this site is public. If a solution to your issue is posted it's also usable for all and everyone with malicious intents.

Posting some pissed off comments won't do you any good either, this site is populated with grown up peoples that actually do get a good night's sleep even though some stranger on the net post bad stuff.

You should keep your selective and sententious moraling "stuff" to those not so grown up peoples like Chris_F who come into a topic to assault original poster, calling them a thief without any good raison. Once you do that, you can go to bed.

[Usopp]

TBH, there's nothing "wrong" in the question, getting to a point where you could even get code to execute hooking already means you've managed to get into controlling every aspect of the machine.

If you'ld done a little bit of work, you would have figured out on your own that what you need is CAPI or the Crypto API, or in the case of Vista and later CNG (CAPI next generation).

What you ask isn't going to work however. The crypto uses a PRK. And you don't have the decryption key.

I'am not about to decrypt, but to hook the encrypting function, and then let the encrypting function do its job.

I'am on windows XP, not vista.

[Chris_F]

like Chris_F who come into a topic to assault original poster, calling them a thief

Now you're putting words in my mouth. If that's how you want to interpret it, then by all means. I won't loose any sleep just because you got easily offended.

Nobody wants to help publish code who's only function is to circumvent something which is intended to make important web connections secure.

I don't want to have my CC numbers stolen just because some 14 year old blackhat finds your post on this site and copies the solution into his next worm.

[S_M_A]

And like Chris_F I'm about to get my unrestless sleep knowing that CG not have provided an code example that could have bad impact on my everyday net browsing.