View Full Version : [help]Sniffing encrypted traffic with-out breaking the encryption?

02-10-2011, 10:52 AM
I have been playing with sniffers in some networks,but after a point i am bored of traditional sniffing,most people here using some sort of encryptions like ssl,ssh,IP-SEC,Also as IP-V4 addresses are going to get exhausted in a few days,so IP-V6 with default IP-SEC will be implemented every where in the future i think,I tought of learning some advanced sniffing techniques,Also i looked in to traditional ssl stripping,but it is easily detectable,i am looking for some ways to sniff the encrypted traffic with-out breaking the encryption,i hope it would be tough,but i believe still it is possible,..
Looking for some help,ideas,reference from the members here,

Hope i will get some useful inputs...

02-10-2011, 11:47 AM
Hey mandi I didn’t get your point. why you ve to decrypt the encryption when sniffing?:confused: as you were playing with sniffers you should ve seen the captured encrypted packets in the sniffer(you can sniff encrypted traffic):). are you trying to say that you are not able see the data in clear text?
correct me if i am wrong.

02-10-2011, 01:00 PM
i can see the traffic sir,but i want to re-encrypt the things and make sure that my victim should not know i am sniffing his traffic,that is my main concern,
Also for me sniffing the IP-SEC is tough for me..
because of the bla bla security mechanisms like ESP headers and other data integrity constraints..

hope you got my question now,

02-10-2011, 03:08 PM
define:sniffed in google .. thanks for the info

02-10-2011, 03:55 PM
can't get u? any more useful advice please?

02-10-2011, 04:57 PM
can you please explain me what exactly you want to do with sniffer...are you confused between proxy and sniffer or you really want to do as you have asked the question?

02-10-2011, 11:55 PM
I want to see the plain text aka traffic inside the encryption with-out getting known to the victim,

in simple i want to do like this ..

victims encrypted traffic------> attacker decrypt the traffic and re-encrypt it---------->victims destination

02-11-2011, 11:16 AM
Thanks for description mandi..
this whitepaper on sniffing may help you:)