I found a thing which's very intersting recently.
1. We can capture and decrypt regular TCP socket connection.
2. We can capture and decrypt HTTPS connection which's based on SSL/TLS.
3. We can't capture and decrypt SSL/TLS connection. :-/
Ah, that's not good. Let's make one. Here's the basic concept:
THE NORMAL CONNECTION ROUTINE +------+ TLS With Server Cert +--------+ | User | <----------------------> | Server | +------+ +--------+
THE TLS PACKET CAPTURE ROUTINE +------+ TLS With Our Cert +-------------+ TLS With Server Cert +--------+ | User | <-------------------> | Fake Server | <----------------------> | Server | +------+ +-------------+ +--------+
In a word, it's a typical man in the middle capture routine. And we
will build something like a SSL/TLS reverse proxy.
Source Code not avaliable yet, still work in progress...