[jdev] XMPP MITM proxy
viq
vicviq at gmail.com
Thu Sep 8 17:31:17 UTC 2011
On 9/7/11, Christopher Orr <chris at orr.me.uk> wrote:
> Hi all,
>
> Does anybody know if there is any XMPP proxy software out there,
> specifically that can act as a man-in-the-middle for debug purposes?
>
> Something like:
> - Client attempts connection to Server
> - Connection is re-routed to Proxy
> - Proxy forwards stanzas to Server
> - Proxy doesn't advertise <starttls> to Client
> - Proxy handles TLS with the Server
> - Traffic between Client and Proxy is plaintext and can be observed
>
> This would be useful with proprietary clients, where there isn't a
> chance to access the server or to disable TLS for a given account.
>
> Or for clients that insist on TLS, more advanced would be to allow TLS
> between Client and Proxy (assuming the Client trusts the certificate the
> Proxy provides), similar to the awesome Charles Proxy (for HTTP) [1].
>
> Anyway, any pointers would be appreciated.
How about stunnel? Or if clients want to insist on ssl (I don't think
it supports TLS), two stunnels:
client<-ssl->stunnel<-plaintext->stunnel<-ssl->server
I've done that at least once, though not for xmpp traffic.
> Thanks,
> Chris
>
> [1]: http://charlesproxy.com/documentation/proxying/ssl-proxying/
> _______________________________________________
> JDev mailing list
> Info: http://mail.jabber.org/mailman/listinfo/jdev
> Unsubscribe: JDev-unsubscribe at jabber.org
> _______________________________________________
>
--
viq
More information about the JDev
mailing list