« IsecPartners Molests Flash, Adobe in therapy | Main | Netscape Assinated by AOL »

xmitm: xml man in the middle tool

An interesting post on intercepting flash XMPP traffic.

"This post is a result of ideas and tools developed during the review of client-side applications that use the XMPP protocol to communicate with a server (opening a raw socket, not using HTTP as a transport).

The only way we could think of getting our hands on the communication was to write a small set of scripts to trick the client and encapsulate the communication inside HTTP requests that we could then manipulate using standard proxy tools such as burp.

Although the information and scripts described in this post are focussed on intercepting a XML communication, the same principles apply to man in the middle any ASCII protocol such as smtp, ftp or pop."

Article Link: http://weblog.nomejortu.com/?p=38


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!