I wrote a small program to capture https traffic. I want to capture DECODED to receive and publish data using this software.
As you know, a Fiddler application can do this like a charm, and now I'm looking for a way to do this in my program.
For example, here is my code:
void FiddlerApplication_AfterSessionComplete(Fiddler.Session oSession) { this.Invoke(new MethodInvoker(delegate { oSession.bBufferResponse = true; txtLog.Text += "full-url : \r\n" + oSession.fullUrl.ToString() + "\r\n-----------------------------------------------\r\n"; txtLog.Text += "method : \r\n" + oSession.oRequest.headers.HTTPMethod + "\r\n-----------------------------------------------\r\n"; txtLog.Text += "request headers : \r\n" + oSession.oRequest.headers + "\r\n-----------------------------------------------\r\n"; txtLog.Text += "responce headers : \r\n" + oSession.oResponse.headers + "\r\n-----------------------------------------------\r\n"; txtLog.Text += "get request body as string : \r\n" + oSession.GetRequestBodyAsString() + "\r\n-----------------------------------------------\r\n"; txtLog.Text += "request body bytes : \r\n" + oSession.requestBodyBytes + "\r\n>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\r\n"; txtLog.SelectionStart = txtLog.Text.Length; txtLog.ScrollToCaret(); })); }
and get request body as string in txtLog for the https web page, as shown below:
get request body as string : A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below. Major Version: 3 Minor Version: 1 Random: 52 02 18 75 64 2D 8D 65 75 B9 C4 1B 58 76 92 3E 6B C5 BF 1D 3B D4 53 5D D2 FA CA D8 BF CE 02 5D SessionID: empty Ciphers: [002F] TLS_RSA_AES_128_SHA
What is this handshake side and how can I decode it? as you know, there are two files (TrustCert.exe and makecert.exe) inside the installed violinist application.
What are these files and can I use them in my small application to decode data? as?
early
source share