Application Security Testing: An Integral Part of DevOps
Environment: VC6, SP4, NT4, Win2K, Win9x
Updates will be found at squrelayerproxy.sourceforge.net.
How It Works
SQLProxy will run on your computer and a friend's computer. Acting as an HTTP proxy, it will intercept the messages before they are sent on the network and will encrypt them. At their destination, SQLProxy will decrypt them. SQLProxy is acting as an HTTP proxy, but it knows just enough Yahoo! messenger protocol to encrypt/decrypt the message's content. The transfer of files is not encrypted in any other way.
You need only to set a secret key with your friend (by phone or mail, not by messenger). Encryption is done with DES provided by the Crypt++ library. I have plans to add RSA (and key exchange protocol) later.
Crypt++ library is not provided here.
The sources exemplify an HTTP proxy, a simple connection forwarding to other host and port techniques and basics of Yahoo! messenger protocols. I heavily used CAsyncSocket because of its integration with MFC. Also, the sources exemplify use of Crypt++ library, a free C++ library with support for many cryptographic algorithms.
To add support for other messengers, I should get this code to a new level of generalization and I should add an improved structure, but the code is a good lesson about how to interact with an existing communication protocol without a perfect knowledge of it.
Please give me feedback if is working for you (or not) at my e-mail address.
DownloadsDownload demo project -- 132 KB
Download source -- 33 KB