
If I may pick your brains for a moment...

Hello all.

How do most packet analyzers for Windows work? Are they similar to Winpcap
in that they use a type of NDIS driver sitting between the miniport driver
and Winsock, happily intercepting all data that goes across the NIC? If
so then how would one intercept the packet before it reaches the SSL encryption
layer? I would like to intercept all HTTP requests from IE on a machine
and log that data before the SSL layer encrypts it. If you could offer any
ideas I would be very grateful.

Cheers,

Alex Clark
[569 byte] By [Alex Clark] at [2007-11-9 23:52:04]
# 1 Re: If I may pick your brains for a moment...
You'd need to install some kinda hook ABOVE SSL/TLS, not below it, which ultimately
may mean hooking the app itself.

"Alex Clark" <localsuperhero@hotmail.com> wrote:
>
>Hello all.
>
>How do most packet analyzers for Windows work? Are they similar to Winpcap
>in that they use a type of NDIS driver sitting between the miniport driver
>and Winsock, happily intercepting all data that goes across the NIC? If
>so then how would one intercept the packet before it reaches the SSL encryption
>layer? I would like to intercept all HTTP requests from IE on a machine
>and log that data before the SSL layer encrypts it. If you could offer any
>ideas I would be very grateful.
>
>Cheers,
>
>Alex Clark
>
Michael Howard at 2007-11-12 0:14:42 >