This is a PoC implementation of the POODLE attack.
- Start HTTP server with:
./poodle-dev.sh httpserver - Start SSLv3 forwarder to HTTP server from point above with:
./poodle-dev.sh sslserver - Start PoC with:
./poodle-dev.sh attacker - Open HTTPS server in browser and accept certificate.
- Open PoC request generator and watch leaking bytes in PoC terminal
More details about it in a blog article.
Only for demonstration purposes - Don't do anything evil with it!