cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: using cURL: how to sniff what IE sends to server

From: Kevin P Roth <kproth_at_MarathonOil.com>
Date: Thu, 08 Mar 2001 07:49:01 -0600

(Take 2 - it's a good thing Daniel's listserver doesn't allow big messages, as I stupidly attached the DLL I'm referencing the first time around...)

> > Question #2. Is there a way to sniff what the browser sends to the server
> > for furhter usage with the cURL? Since these are secure
> > connections, I need a tool that does that over SSL connection, I
> > think.

> I've only read about this tool named ssldump, which is said to do some of the
> things you're asking for:

Assuming Gennady is using a Microsoft platform (IE doesn't exist for UNIXes does it?) ssldump don't do much good, unless someone ports it to Windows.

A tool that might be useful is a "debug" version of wininet.dll. It's available as part of the Platform SDK from MSDN.microsoft.com. A version that should work with IE5.5 (and maybe also IE5.01), plus microsoft's instructions for using it have been stored on the cURL web site by Daniel (Thanks Daniel!).
  http://curl.haxx.se/dev/wininet-debug.txt
  http://curl.haxx.se/dev/WinInet.dll
Basically, you replace the copy of wininet.dll on your system with this one (saving a copy of yours first of course). Then you set an environment variable (or a registry entry) a certain way and start internet explorer. All internet network requests will be captured into a logfile, named wininet.IEXPLORE.EXE.322.LOG (if you specified a logfile name of "wininet" and the process id of iexplore was 322). Because this is basically a debugging dump of all API calls into the WinInet libraries, the logfile will be a bit cryptic, but it will have the info you need (and a lot more). For instance, it captures and decodes all SSL traffic.

Another option might be to utilize an advanced feature of a personal proxy server, like Muffin (http://muffin.doit.org/) or WebWasher. One of Muffin's features is to display all HTTP headers going back and forth, and it can do SSL. Basically, you install it, and then reconfigure IE to use Muffin as a proxy server (on a non-standard port on your local machine). Muffin in turn makes the HTTP requests for you, and can show you what it did on your behalf. When I was playing with it last year, it seemed pretty buggy and hard to work with, but you only have to make it work once ;-)

Good luck!

--Kevin
Received on 2001-03-08