We have all heard over and over that SSL without verification is not secure.
If an SSL connection is not verified with a cached certificate, it can easily be
hijacked by any attacker. So in 2013, one would think we had totally done away with this
problem. Browsers cache certificates and very loudly warn the user when a site has
offered up a self-verified certificate and should not be trusted, browser vendors have
pretty much solved this problem. However, HTTPS is not the only protocol that uses
SSL. Unfortunately, many clients for these other protocols do not verify by default and even
if they did, there is no guarantee of secure certificate transfer. After all, how many
people are willing to pay $50 for an SSL certificate for their FTPS server?
A common protocol that uses SSL but is rarely verified is IRC. Many IRC clients
verify by default, but most users will turn this off because IRC servers administrators
tend not to purchase legitimate SSL certificates. Some popular clients even leave
SSL verification off by default (IRSSI, for example). We already know that this is
unwise, any attacker between a user and the IRC server can offer an invalid
certificate and decrypt all of the user's traffic (including possibly sensitive
messages). Most users don't even consider this fact when connecting to an
SSL "secured" IRC server.
The purpose of sslnuke is to write a tool geared towards decrypting and intercepting
"secured" IRC traffic. There are plenty of existing tools that intercept SSL traffic already,
but most of these are geared towards HTTP traffic. sslnuke targets IRC directly in order to
demonstrate how easy it is to intercept "secured" communications. sslnuke usage is simple.