Rogan Dawes

Downloadable code

This page is used to provide access to the potentially interesting programs that I have written

Joshua - a Perl war dialler

Joshua is a quick and dirty implementation of a war dialler in Perl. The idea was that one could use as many modems as one had available, and simply parallelise the task.

The only reason I am putting this up is because I was unable to find much code or examples of using a serial port to talk to a device under Perl, and I thought that I'd at least put my research back onto the web. There are also some code fragments that I found online with regards to converting streams read at different parity and byte length in the archive. e.g. convert 8E1 to 7N2.

Here is a link to the tarball

Mangle - a perl proxy for mangling HTTP/S requests

Mangle is a web application review tool. It acts as an HTTP/HTTPS proxy, and allows the reviewer/attacker to modify or review the requests and responses sent between the browser and the web server.

Development on Mangle has stopped, but the code is here for historical purposes.

Download mangle

Exodus

Mangle was ported to Java, in frustration at various design compromises, and portability issues, and called Exodus. More information about Exodus is available on a separate page. Exodus was simply a proof of concept, and has also been abandoned. All future efforts in this direction will go into WebScarab. Webscarab already has significantly more functionality than Exodus, and has benefitted from many bugfixes, and a cleaner design

WebScarab

WebScarab is the followup to Exodus, as mentioned above. The official home page for WebScarab is on the OWASP web site. However, there is a page devoted to it on my own site, where the odd interim build may be found.

Java and SSL

Writing SSL programs in Java can be quite confusing, as soon as you stray off the beaten track. For example, when the server uses a self-signed cert, with an incorrect hostname . . . .

Here is a sample program that demonstrates a number of fairly advanced techniques, using Sun's new PKCS#11 support (new in 1.5) with Love Hornquist Astrand's SoftToken, accepting any server certificates, regardless of the hostname, and selecting a particular alias from the KeyStore.

Feedback

Comments are always welcome. Mail me at <rogan@dawes.za.net>