Our advanced SSL hijacker SDK is a brand new technology that allows you to access data that was encrypted using SSL and perform on the fly SSL decryption. The hijacker uses Komodia's Redirector platform to allow you easy access to the data and the ability to modify, redirect, block, and record the data without triggering the target browser's certification warning.
We have developed two kinds of decoders:
First one is called SSL Decoder and it works for Internet explorer and Firefox, its main advantage that it doesn't change the session certificate.
Second type is called SSL Digestor and it works for all SSL aware applications, it also works on 64bit environments, but unlike the SSL decoder, the Digestor performs some extra manipulations on the session certificate but in a way the browser is not alerting the user, regardless, the session's data always remain the same.
Operation with Komodia's SSL hijacker
The SSL Decoder or SSL Digestor are modules that use Komodia's Redirector and are priced on top of the Redirector's price
You can view the Redirector's price quote and optionsl SSL modules here.
This product also comes in a read-only version, which lets you view decrypted SSL traffic just like the sniffer does, but without the ability to modify it. Ideal for BHO developers, FireFox component developers and application developers that needs to only sniff regular and SSL data.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/) This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)
This unique technology opens the door to number of exciting possibilities:
- Parental control: Filter SSL data based on keywords and URI - unlike current SSL filtering, which is based on IPs.
- Secure anonymizer: strip data revealing information from SSL traffic.
- Spam filtering: Filter encrypted Outlook mail sessions.
- Traffic monitoring: Track surfing activities containing encrypted data (Current tracking products can only report IPs.)
- Stream sniffing: Sniff encrypted network activity.
Technical details:
- Uses Komodia's Redirector platform.
- Intercepts application using either LSP or browser specific component (like BHO), depending on the project requirements.
Types of decoders:
We have developed two kinds of decoders:
First one is called SSL Decoder and it works for Internet explorer and Firefox, its main advantage that it doesn't change the session certificate.
Second type is called SSL Digestor and it works for all SSL aware applications, it also works on 64bit environments, but unlike the SSL decoder, the Digestor performs some extra manipulations on the session certificate but in a way the browser is not alerting the user, regardless, the session's data always remain the same.
How does it work?
The following illustration shows Komodia Redirector being used for web content inspection (this is only one scenario out of many).
Regular operation without Komodia's SSL hijacker
- Internet explorer connects to a web server on port 443 using SSL. The data is encrypted.
- Internet explorer and the web server communicate directly.
Operation with Komodia's SSL hijacker
- Internet explorer connects to a web server on port 443 using SSL. The data is encrypted.
- Komodia's SSL hijacker intercepts the communication and redirects it to Komodia's Redirector. The channel between the SSL hijacker and the Redirector is encrypted.
- At this stage, Komodia's Redirector can shape the traffic, block it, or redirect it to another website.
- Communication between the Redirector and the website is encrypted using SSL.
- All data received from the website can be again modified and/or blocked. When data manipulation is done, it is forwarded again to Internet explorer.
- The browser displays the SSL lock, and the session will not display any "Certificate warnings".
Pricing
The SSL Decoder or SSL Digestor are modules that use Komodia's Redirector and are priced on top of the Redirector's price
You can view the Redirector's price quote and optionsl SSL modules here.
SSL read only component
This product also comes in a read-only version, which lets you view decrypted SSL traffic just like the sniffer does, but without the ability to modify it. Ideal for BHO developers, FireFox component developers and application developers that needs to only sniff regular and SSL data.
This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/) This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)