By using mitm, basically "pretending" you're the site the victim wants to connect to and transparently connecting to the actual upstream site. Basically decrypting the traffic locally for inspection before sending it back out.
https://en.wikipedia.org/wiki/Man-in-the-middle_attack. You don't need a root CA, you just need to poison the DNS to point to the mitm server and just present any old valid cert for the domain so it doesn't trigger a self-signed warning or whatever.