Como logar / ver o tráfego passando pelo stunnel antes / depois da criptografia?

2

Estou usando o stunnel para falar com um servidor SSL. Eu gostaria de ver as mensagens que estou enviando antes que elas sejam criptografadas e, mais importante, as mensagens que recebo depois de serem descriptografadas.

Liguei o registro de depuração (nível 7), mas ainda não consigo ver as mensagens. Abaixo os detalhes:

stunnel.conf

output = coinsetter.log

[remote]
client = yes
accept = 8888
connect = 198.61.189.25:5001
debug = 7

saída stunnel:

2015.09.23 23:11:17 LOG5[ui]: stunnel 5.18 on x86_64-apple-darwin13.4.0 platform
2015.09.23 23:11:17 LOG5[ui]: Compiled/running with OpenSSL 1.0.1c 10 May 2012
2015.09.23 23:11:17 LOG5[ui]: Threading:PTHREAD Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI
2015.09.23 23:11:17 LOG5[ui]: Reading configuration from file coinsetter.conf
2015.09.23 23:11:17 LOG5[ui]: UTF-8 byte order mark not detected
2015.09.23 23:11:17 LOG5[ui]: FIPS mode disabled
2015.09.23 23:11:17 LOG4[ui]: Authentication is needed to prevent MITM attacks
2015.09.23 23:11:17 LOG5[ui]: Configuration successful


2015.09.23 23:11:40 LOG7[0]: Service [remote] started
2015.09.23 23:11:40 LOG5[0]: Service [remote] accepted connection from 127.0.0.1:57261
2015.09.23 23:11:40 LOG6[0]: failover: round-robin
2015.09.23 23:11:40 LOG6[0]: s_connect: connecting 198.61.189.25:5001
2015.09.23 23:11:40 LOG7[0]: s_connect: s_poll_wait 198.61.189.25:5001: waiting 10 seconds
2015.09.23 23:11:40 LOG5[0]: s_connect: connected 198.61.189.25:5001
2015.09.23 23:11:40 LOG5[0]: Service [remote] connected remote server from 192.168.0.12:57262
2015.09.23 23:11:40 LOG7[0]: Remote socket (FD=9) initialized
2015.09.23 23:11:40 LOG6[0]: SNI: sending servername: staging-fix.coinsetter.com
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): before/connect initialization
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv2/v3 write client hello A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read server hello A
2015.09.23 23:11:40 LOG6[0]: Certificate verification disabled
2015.09.23 23:11:40 LOG6[0]: Certificate verification disabled
2015.09.23 23:11:40 LOG6[0]: Certificate verification disabled
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read server certificate A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read server key exchange A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read server done A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 write client key exchange A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 write change cipher spec A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 write finished A
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 flush data
2015.09.23 23:11:40 LOG7[0]: SSL state (connect): SSLv3 read finished A
2015.09.23 23:11:40 LOG7[0]:      1 client connect(s) requested
2015.09.23 23:11:40 LOG7[0]:      1 client connect(s) succeeded
2015.09.23 23:11:40 LOG7[0]:      0 client renegotiation(s) requested
2015.09.23 23:11:40 LOG7[0]:      0 session reuse(s)
2015.09.23 23:11:40 LOG6[0]: SSL connected: new session negotiated
2015.09.23 23:11:40 LOG7[0]: Peer certificate was cached (871 bytes)
2015.09.23 23:11:41 LOG6[0]: Negotiated TLSv1.2 ciphersuite DHE-RSA-AES256-SHA256 (256-bit encryption)
2015.09.23 23:11:41 LOG7[0]: Compression: null, expansion: null
    
por Peter Mel 24.09.2015 / 05:18

1 resposta

1

Você pode fazer isso com socat . Melhor ainda, você pode abandonar stunnel e socat fazer o SSL para você, por exemplo,

socat -v TCP4-LISTEN:8888 SSL:198.61.189.25:5001
    
por 06.02.2018 / 22:10

Tags