[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NetScape's dependence upon RSA down for the count!

To: David_A Wagner <[email protected]>
Subject: Re: NetScape's dependence upon RSA down for the count!
From: [email protected] (John L. Bass)
Date: Mon, 2 Oct 95 20:28:29 -0600
Cc: [email protected]
Sender: [email protected]

Sorry David,

	The offer was for a server/filter/MITM/proxy that logged clear text
not cyphered text for the SSL stream. Combine your program with SLL code
from other sources and 95% of the program is complete. Add to that a way
to produce a valid certificate for the client and you will earn the $50
and a lot of praise for a job well done from everybody.

> > I have a Fifty dollar bill for the first person to submit to the mail box
> > [email protected] a working Unix server (with cleartext session logs) which
> > accepts all connections on a unix based host to the www port and redirects
> > them to netscape.com leaving a clear text log of each session's SSL packets
> > in /tmp by session.  All entries become the property of DMS Design. The winner
> > and I will submit a claim for one of Community COnneXion's "I HACKED NETSCAPE"
> > tee shirts as a server hack. (Have Fun!!)
> > 
> 
> This is a trivial program!  I can't believe anyone considers this
> technically difficult.  But hey, who am I to question, if you'll
> pay $50!
> 
> Ok, let me back that up with real code.  Here's a proxy I've been
> using for experimenting, in lieu of root access & tcpdump.

For the rest of you, David gave you a small jump start. Checkout the
web pages at C2.org and netscape.com for access to the ssl prototype
code.

Have fun,
John Bass
Owner, DMS Design

Prev by Date: SAIC Ideas SCI
Next by Date: SAIC Snags INFOSEC
Prev by thread: Re: Netscape finally issuing md5sums/pgp signed binaries ? (was Re: NetScape's dependence upon RSA down for the count!)
Next by thread: Re: NetScape's dependence upon RSA down for the count!
Index(es):
- Date
- Thread