Sniffing SSL for libwww-perl scripting Sniffing SSL connections can be helpful for client programming for web applications, eg for detecting redirects. Because we do not know the host private key, a combination of ssldump + ethereal can *not* be used, instead use "trace" with lynx (see the lynx documentation for trace) or patch mozilla as below. ~/mozilla/security/nss/lib/ssl$ vi sslsecur.c /* Caller holds the SSL Socket's write lock. SSL_LOCK_WRITER(ss) */ int ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags) /* Send out the data using one of these functions: * ssl2_SendClear, ssl2_SendStream, ssl2_SendBlock, * ssl3_SendApplicationData */ ssl_GetXmitBufLock(ss); rv = (*ss->sec.send)(ss, buf, len, flags); /*-->Modification goes here!*/ printf (buf); ssl_ReleaseXmitBufLock(ss); ss->writerThread = NULL; return rv; }