Hooking the Https encryption

[Paul McKenzie]

I've been on CG for over 10 years, and I've noticed that without exception, the person on CG asking for this type of "help" always has fewer than 20 posts to their name. I wonder why that is? You never see posters who have a posting history here ever ask these types of questions.

Just an observation.

Regards,

Paul McKenzie

[OReubens]

The reason is obvious. They don't get a response they can use, so never come back. They got here because it's a programming forum and they have a question. When do you look for help, when you have something you can't solve. I'm pretty sure that the vast majority of the "suspicious" questions of this type of nature on here are in fact perfectly valid ones. Quite often people will think they need to hook/intercept something when there's really a much better way to do what they want to achieve. If it's a HTTP stream, it makes me wonder why a BHO that taps into the DHTML DOM wouldn't do exactly what the poster wants. Potentially just even patching in some Jscript via a shortcut link could already do what the poster wants.

There's more than enough sites out there that do provide in depth details about stuff like hooking, intercepting, disassembly, reverse engineering and all that "ooh scary" stuff.

I frequent several of them myself, and even there I can say hand on heart that 95% of the questions and intent is perfectly "legit". I'm not claiming the other 5% isn't, it's just not always clear by the question why/what the poster really has in mind. Quite often questions are asked there in somewhat obscure/covered intent because there's often serious bussiness security involved. A lot of the guys on there aren't "crackers", they're the security guys trying to work against them, you can't defend against that which you don't know. Sometimes you do have to try and attack your own code in order to see where the weak points are.

What I said before is 100% true. If someone has already gotten to the point where they could have some of their code hook something like the HTTPS stream, you have MUCH MUCH bigger things to worry about than that.