I've got a client and a server written in java as follows
package keystoree;
import java.io.*;
import java.net.*;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
public class clientConnect {
public static byte[] toByteArray(String string)
{
byte[] bytes = new byte[string.length()];
char[] chars = string.toCharArray();
for(int i=0; i!=chars.length; i++)
{
bytes[i] = (byte) chars[i];
}
return bytes;
}
static void doProtocol(Socket cSock) throws Exception
{
OutputStream out = cSock.getOutputStream();
InputStream in = cSock.getInputStream();
out.write(toByteArray("world"));
out.write('!');
int ch=0;
while (( ch = in.read()) !='!')
{
System.out.print((char)ch);
}
System.out.println((char)ch);
}
public static void main(String[] args) throws Exception
{
SSLSocketFactory fact = (SSLSocketFactory)SSLSocketFactory.getDefault();
SSLSocket cSock = (SSLSocket)fact.createSocket(KeyStoree.HOST, KeyStoree.PORT_NO);
// final String[] enabledCipherSuites = { "SSL_RSA_WITH_RC4_128_SHA5" };
//cSock.setEnabledCipherSuites(enabledCipherSuites);
doProtocol(cSock);
}
}
Server
package keystoree;
import java.io.*;
import java.net.*;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
public class clientConnect {
public static byte[] toByteArray(String string)
{
byte[] bytes = new byte[string.length()];
char[] chars = string.toCharArray();
for(int i=0; i!=chars.length; i++)
{
bytes[i] = (byte) chars[i];
}
return bytes;
}
static void doProtocol(Socket cSock) throws Exception
{
OutputStream out = cSock.getOutputStream();
InputStream in = cSock.getInputStream();
out.write(toByteArray("world"));
out.write('!');
int ch=0;
while (( ch = in.read()) !='!')
{
System.out.print((char)ch);
}
System.out.println((char)ch);
}
public static void main(String[] args) throws Exception
{
SSLSocketFactory fact = (SSLSocketFactory)SSLSocketFactory.getDefault();
SSLSocket cSock = (SSLSocket)fact.createSocket(KeyStoree.HOST, KeyStoree.PORT_NO);
// final String[] enabledCipherSuites = { "SSL_RSA_WITH_RC4_128_SHA5" };
//cSock.setEnabledCipherSuites(enabledCipherSuites);
doProtocol(cSock);
}
}
I'm using port 9999 declared in a different class i didn't post because of irrelevancies.
I've followed this tutorial
http://blog.opensecurityresearch.com/2012/05/mallory-mitm-fix-ssl-decryption.html but the problem is mallory is not intercepting traffic.Please help!!!