WinSSLMiM
---------

This tool is for HTTPS Man in the Middle. It includes FakeCert, a tool to make fake certificates (like the DCA of sslmim in Phrack 57). It can be used to exploit the Certificate Chain Vulnerability in Internet Explorer. All of this works under Windows 9x/2000.

Usage :
  - FakeCert : fc -h
  - WinSSLMiM : wsm -h

Example 1 :
  Generate fake certificate : fc -s www.serverHTTPS.com -f fake_cert.crt
  Launch WinSSLMiM : wsm -f fake_cert.crt

Example 2 (IE vuln) :
  Generate fake certificate : fc -s www.serverHTTPS.com -f fake_cert.crt -t trust.crt
  Launch WinSSLMiM : wsm -f fake_cert.crt -t trust.crt

N.B. :
  - You need to redirect traffic with a DNS spoofing tool (like WinDNSSpoof for example)
  - WinSSLMiM requires ssleay32.dll and libeay32.dll (see http://www.openssl.org)
  - The trusted certificate trust.crt comes from sslsniff (see http://www.thoughtcrime.org)

Links :
  - http://www.phrack.org/phrack/57/p57-0x0d
  - http://www.thoughtcrime.org/ie-ssl-chain.txt
  - http://www.thoughtcrime.org/ie.html
  - http://monkey.org/~dugsong/dsniff/ (webmitm.c)
  - http://www.securiteinfo.com/outils/WinDNSSpoof.shtml

>>> Valgasu <<<
Mail : valgasu@securiteinfo.com
Web : www.securiteinfo.com