debug logging levels for print out entire https packet content into a log?

Hi, all,


Is there a debug logging levels for print out entire https packet
content into a log? I am trying to get a packet trace of an https
connection. Since apache has already decryted the packet, and print
out the headers, may be there are setttings that cause it to print out
the whole contents of a https request/response packet?

thanks
eva

iexpl <iexpl@yahoo.com> wrote:
> Is there a debug logging levels for print out entire https packet
> content into a log?

AFAIK no, when I had a similar problem I ended up hacking the mod_log
source code. Exactly what's your problem?
Davide

--
| I think I'd like to see a Simpsons episode start up with Bart Simpson
| writing 'I will not attempt to undermine the Usenet cabal'. --J.D.
| Falk
|

Davide,

I need to reverse engineer a protocol that build on top of https. If
you have done the hack, do you have a working version of the hack
mod_log module that I can use?

thanks
eva

Davide Bianchi <davideyeahsure@onlyforfun.net> wrote in message news:<bu2neo$bqqqd$4@ID-18487.news.uni-berlin.de>...
> iexpl <iexpl@yahoo.com> wrote:
> > Is there a debug logging levels for print out entire https packet
> > content into a log?
>
> AFAIK no, when I had a similar problem I ended up hacking the mod_log
> source code. Exactly what's your problem?
> Davide

iexpl <iexpl@yahoo.com> wrote:
> I need to reverse engineer a protocol that build on top of https.

huiuuuu... it sounds bad already...

> you have done the hack, do you have a working version of the hack
> mod_log module that I can use?

Unfortunately no. It was when I was working for another company and
I left the sources there when I left. More unfortunately right now
I don't have time to look again into that thing (I'm trying to make
Borland C working with libraries compiled for Visual C... don't ask!).

If you don't came out with something in a week or so drop me a mail
(remove the yeahsure part from my address) and I'll try to remember
what the heck I did at the time.

Davide

--
| Microsoft Zen - Become one with the blue screen. -- From a
| Slashdot.org post

> Is there a debug logging levels for print out entire https packet
> content into a log? I am trying to get a packet trace of an https
> connection. Since apache has already decryted the packet, and print
> out the headers, may be there are setttings that cause it to print out
> the whole contents of a https request/response packet?

welcome to the wonders of ssldump - if you provide it with the private
key, it decrypts the payload. or, if you can use whatever you've got
to reverse-engineer over a proxy, there's that little tool called
proxomitron, which also does a man-in-the-middle attack, albeit it has
to fake the certficate for that - depends on the paranoia-level of the
application under test wether you can use it...

joachim