[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability
- To: Tim <tim-security@xxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Predefined Post Authentication Session ID Vulnerability
- From: Douglas Huff <mith@xxxxxxxxxxxxxx>
- Date: Fri, 13 Jul 2012 13:14:59 -0500
On Jul 13, 2012, at 11:07, Tim <tim-security@xxxxxxxxxxxxxxxxxxx> wrote:
> This is complicated, but it's not that much more complicated than what
> existing MitM tools, such as sslstrip, already do.
Better. I'm fairly certain this entire attack could be automated/orchestrated
with mitmproxy with close to zero code changes.
Only "hard" part is the procurement of a ca that will work on the target or
finding some "behind the firewall" app to target that already uses a
self-signed/invalid cert the users are used to clicking through.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/