ssl_logger_windows

Decrypts and logs a process's OpenSSL encrypted traffic

This is modified version of https://github.com/google/ssl_logger for Microsoft Windows operating system. Thanks to this tool you can sniff SSL (HTTPS) traffic without messing with certificate pinning.

How does it work

It hooks OpenSSL functions that are used to perform SSL encryption/decryption using frida

Installation

You need Python3 and following packages:

pip install frida
pip install hexdump

Usage

python ssl_logger.py [-pcap <path>] [-verbose] <process id>

-pcap <path>                 Name of PCAP file to write
-verbose                     Show verbose output
<process id>                 Process whose SSL calls to log

Example: ssl_logger.py -pcap ssl.pcap 1337

Limitations

It works only for dynamic linked OpenSSL, this means your target must import ssleay32.dll
There are problems with logging the ip & port of source and destination

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
LICENSE		LICENSE
README.md		README.md
logger.js		logger.js
ssl_logger.py		ssl_logger.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

ssl_logger_windows

How does it work

Installation

Usage

Limitations

About

Releases

Packages

Languages

License

morsisko/ssl_logger_windows

Folders and files

Latest commit

History

Repository files navigation

ssl_logger_windows

How does it work

Installation

Usage

Limitations

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages