SSL traffic
mdtmailgr opened this issue · 3 comments
mdtmailgr commented
Hello all,
First of all grate work and thank you for the work project provided
One question, how to capture SSL traffic incoming one for malicious traffic ?
e.g
nmap 192.168.235.128 -p 80 --script=vuln ==> works
nmap 192.168.235.128 -p 443 --script=vuln ==> not reporting something
[i] setting capture filter 'udp or icmp or (tcp and (tcp[tcpflags] == tcp-syn or port 80 or port 1080 or port 3128 or port 8000 or port 8080 or port 8118)) or port 443'
Thank you again
stamparm commented
hi. problem is that you won't be able to decrypt SSL traffic and inspect these kind of attacks. SSL traffic is encrypted per-se
mdtmailgr commented
Thank you Stamparm,
You are right
Thank you for your time
Best regards,
MikhailKasimov commented
Considering to be resolved.