-
December 10th, 2010, 12:26 AM
#1
Hooking the Https encryption
Hi
I would like to know what DLL function deals with the Https encryption so i can hook it.
I used to hook the send() function from ws2_32.dll and filter data, but with and Https connexion data are encrypted, then i need to hook the encrypting function. Where is it? What is name?
-
December 12th, 2010, 08:08 AM
#2
Re: Hooking the Https encryption
What are you trying to accomplish?
-
December 21st, 2010, 11:10 AM
#3
Re: Hooking the Https encryption
I'am trying to filter some words.
i used to hook the send() function from ws2_32.dll but it does not work with a https connexion since data are crypted
-
December 22nd, 2010, 06:40 AM
#4
Re: Hooking the Https encryption
-
December 22nd, 2010, 06:44 PM
#5
Re: Hooking the Https encryption
-
December 22nd, 2010, 08:34 PM
#6
Re: Hooking the Https encryption
Generally things that encrypt data are intending to prevent you from seeing what it is. Most of us aren't inclined to help anyone bypass such measures without more of an explanation.
-
December 23rd, 2010, 06:00 AM
#7
Re: Hooking the Https encryption
Originally Posted by Lindley
Generally things that encrypt data are intending to prevent you from seeing what it is. Most of us aren't inclined to help anyone bypass such measures without more of an explanation.
I yet explained what i was trying to do twice....
I need to make an appli which replace a given word by another one.
I used to hook the send() function and it was working great, but i recently noticied that it does not work when it comes to Https.
where is the evil in me hooking a crypting Https function on my computer ??
-
December 23rd, 2010, 06:06 AM
#8
Re: Hooking the Https encryption
Originally Posted by Usopp
where is the evil in me hooking a crypting Https function on my computer ??
On your computer? I suppose none.
On someone Else's computer? Unquantifiable.
Therein lies the problem.
-
December 23rd, 2010, 08:26 AM
#9
Re: Hooking the Https encryption
Originally Posted by Chris_F
On your computer? I suppose none.
On someone Else's computer? Unquantifiable.
Therein lies the problem.
Cant see how you can allow yourself to take part in a discussion to call someone a malicious or a robber
by the way i'am totally sure you dont have any clues about how resolving this issue.
-
December 23rd, 2010, 10:28 AM
#10
Re: Hooking the Https encryption
TBH, there's nothing "wrong" in the question, getting to a point where you could even get code to execute hooking already means you've managed to get into controlling every aspect of the machine.
If you'ld done a little bit of work, you would have figured out on your own that what you need is CAPI or the Crypto API, or in the case of Vista and later CNG (CAPI next generation).
What you ask isn't going to work however. The crypto uses a PRK. And you don't have the decryption key.
-
December 23rd, 2010, 02:35 PM
#11
Re: Hooking the Https encryption
Originally Posted by Usopp
Cant see how you can allow yourself to take part in a discussion to call someone a malicious or a robber
Even if you have nothing but good intentions keep in mind that this site is public. If a solution to your issue is posted it's also usable for all and everyone with malicious intents.
Posting some pissed off comments won't do you any good either, this site is populated with grown up peoples that actually do get a good night's sleep even though some stranger on the net post bad stuff.
-
December 23rd, 2010, 03:00 PM
#12
Re: Hooking the Https encryption
Originally Posted by S_M_A
Even if you have nothing but good intentions keep in mind that this site is public. If a solution to your issue is posted it's also usable for all and everyone with malicious intents.
Posting some pissed off comments won't do you any good either, this site is populated with grown up peoples that actually do get a good night's sleep even though some stranger on the net post bad stuff.
You should keep your selective and sententious moraling "stuff" to those not so grown up peoples like Chris_F who come into a topic to assault original poster, calling them a thief without any good raison. Once you do that, you can go to bed.
Last edited by Usopp; December 23rd, 2010 at 03:04 PM.
-
December 23rd, 2010, 03:03 PM
#13
Re: Hooking the Https encryption
Originally Posted by OReubens
TBH, there's nothing "wrong" in the question, getting to a point where you could even get code to execute hooking already means you've managed to get into controlling every aspect of the machine.
If you'ld done a little bit of work, you would have figured out on your own that what you need is CAPI or the Crypto API, or in the case of Vista and later CNG (CAPI next generation).
What you ask isn't going to work however. The crypto uses a PRK. And you don't have the decryption key.
I'am not about to decrypt, but to hook the encrypting function, and then let the encrypting function do its job.
I'am on windows XP, not vista.
-
December 23rd, 2010, 04:44 PM
#14
Re: Hooking the Https encryption
Originally Posted by Usopp
like Chris_F who come into a topic to assault original poster, calling them a thief
Now you're putting words in my mouth. If that's how you want to interpret it, then by all means. I won't loose any sleep just because you got easily offended.
Nobody wants to help publish code who's only function is to circumvent something which is intended to make important web connections secure.
I don't want to have my CC numbers stolen just because some 14 year old blackhat finds your post on this site and copies the solution into his next worm.
-
December 23rd, 2010, 06:19 PM
#15
Re: Hooking the Https encryption
And like Chris_F I'm about to get my unrestless sleep knowing that CG not have provided an code example that could have bad impact on my everyday net browsing.
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|