xmitm: xml man in the middle tool

By secgeeks - Posted on December 30th, 2007

166

vote

This post is a result of ideas and tools developed during the review of client-side applications that use the XMPP protocol to communicate with a server (opening a raw socket, not using HTTP as a transport).

The only way we could think of getting our hands on the communication was to write a small set of scripts to trick the client and encapsulate the communication inside HTTP requests that we could then manipulate using standard proxy tools such as burp.

Although the information and scripts described in this post are focussed on intercepting a XML communication, the same principles apply to man in the middle any ASCII protocol such as smtp, ftp or pop.
Continue reading here....

Bookmark/Search this post with:

Similar entries

Recent blog posts

Newly Popular

Drupalit monthly

Drupalit weekly

Drupalit daily

Drupalit hottest

Drupalit latest

Recent comments

thank you
2 weeks 6 days ago
Style sheet flaw
10 weeks 5 days ago
backdoor? -SecGeek
12 weeks 5 days ago
mpack
12 weeks 5 days ago
thats strange,i need to
14 weeks 21 hours ago
Not working at this end either
14 weeks 3 days ago
ya, i too received this mail
15 weeks 6 days ago
I've received this as well, but it references BoA opposed to FB
16 weeks 1 day ago
it was a problem with
21 weeks 5 days ago
i have tested it with
22 weeks 11 hours ago

Get SecGeeks Feeds in your email:

Navigation

Who's online

There are currently 0 users and 28 guests online.

Poll

tags in Genral

barack obama codec firefox kernel mode mozilla firefox pc world quot rogue application rogue software rootkit sql injection xss

Who's new

likossa odleski
tersansa psihhlosasa
Spabgissids
Alikossa Modleskiaa
anefronoTor

User login

BlogRoll

www.pal-hacker.com

Hack In The Box
www.ryan1918.com

http://maltainfosec.org
http://sipvicious.org/blog/
astalavista.com
PC Enclosures
Learn to Hack

Partners

2handthings.com
Rent,Sell Property
Bubble20
secumania
TrojanLibrary
add your link here..