How does HTTP Analyzer work?

Question

Halo, i am interest in methods, which http analyzer uses to capture data. I would like to write program which saves emails sent via web based clients. The problem is https and HTTP Analyzer solves it, but i dont know how.

I got one interesting answer on my question before, but it doesnt reveal as much as i would like to know.

Programs like HTTP Analyzer can catch the HTTPS data because they insert themselves in the HTTPS stack. As a result, they get the data after it's generated but before it's being encrypted and put in IP packets. This is highly non-trivial.

How it is possible to make? If you have any interesting articles solving this issue, please let me know.

Answer 1

HTTPS (and SSL in general) is there to stop third parties (i.e. anything other than server or client) from being able to read the data exchange.

I would like to write program which saves emails sent via web based clients

Web based clients can't send emails - they can only talk HTTP[S].

Do you mean you want to intercept traffic from a current system? In which case, yes (assuming you have the encryption certificate and can reconfigure the entire architecture) there are ways to do it, but you've got a very long journey to make before you will be able to understand the answers.

Do you mean you want to write your own web based application for sending emails? Then forget about the SSL part - your code will just see the unencrypted data - its the job of the webserver or SSL accelerator to handle the encryption/decryption.

C.