# A small problem in infosec - SSL/TLS Connection Capture
I recently found something very interesting.

1. We can capture and decrypt regular TCP socket connections.
2. We can capture and decrypt HTTPS connections, which are based on SSL/TLS.
3. We can't capture and decrypt SSL/TLS connections. :-/

Ah, that's not good. Let's make one. Here's the basic concept:
```
THE NORMAL CONNECTION ROUTINE

+------+  TLS With Server Cert  +--------+
| User | <--------------------> | Server |
+------+                        +--------+

THE TLS PACKET CAPTURE ROUTINE

+------+  TLS With Our Cert  +-------------+  TLS With Server Cert  +--------+
| User | <-----------------> | Fake Server | <--------------------> | Server |
+------+                     +-------------+                        +--------+
```

In a word, it's a typical man-in-the-middle capture routine, and we will build something like an SSL/TLS reverse proxy.

Source code is not available yet; it is still a work in progress...
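
Seen from the User side of the second diagram, the capture routine is detectable because the peer presents "Our Cert" instead of the server's certificate. The following is an added example, not code from this post or its project: a client-side check that pins the server's leaf certificate by SHA-256 fingerprint and reports which of the two diagrams the connection is in. The function names (`fingerprint`, `classify`, `peer_cert`, `probe`) and the result labels are hypothetical, and the byte strings in the demo are constructed stand-ins for DER certificates.

```python
import hashlib
import socket
import ssl


def fingerprint(der: bytes) -> str:
    """SHA-256 of the DER-encoded leaf certificate, as lowercase hex."""
    return hashlib.sha256(der).hexdigest()


def classify(der: bytes, chain_ok: bool, pins: set) -> str:
    """Decide which of the two diagrams the client is in."""
    if fingerprint(der) in pins:
        return "direct"  # the peer holds the pinned server certificate
    # Any other certificate means TLS was terminated before the real server.
    # If the chain still validated, the fake server's CA is in our trust store,
    # so ordinary chain validation alone would not have noticed.
    return "intercepted-trusted-ca" if chain_ok else "intercepted-untrusted"


def peer_cert(host: str, port: int, verify: bool, timeout: float = 5.0) -> bytes:
    """Complete a handshake and return the peer's leaf certificate (DER)."""
    ctx = ssl.create_default_context()
    if not verify:  # inspection only: no application data is sent
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def probe(host: str, port: int, pins: set) -> str:
    """Check a live endpoint against the pinned fingerprints."""
    try:
        der, chain_ok = peer_cert(host, port, verify=True), True
    except ssl.SSLCertVerificationError:
        der, chain_ok = peer_cert(host, port, verify=False), False
    return classify(der, chain_ok, pins)


if __name__ == "__main__":
    # Constructed stand-ins for DER certificates, so the demo runs offline.
    server_cert = b"constructed stand-in for the server's DER certificate"
    our_cert = b"constructed stand-in for the fake server's DER certificate"
    pins = {fingerprint(server_cert)}
    for label, der, ok in [("server cert", server_cert, True),
                           ("our cert, CA trusted", our_cert, True),
                           ("our cert, CA unknown", our_cert, False)]:
        print(label, "->", classify(der, ok, pins))
```

The `intercepted-trusted-ca` result is the case that matters most in practice: the handshake succeeds without any warning, and only the pin reveals that the certificate is not the server's.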