Collaborate Disseminate
I am looking at this vulnerability: CVE-2019-0231
The NVD description says:
Handling of the close_notify SSL/TLS message does not lead to a
connection closure, leading the server to retain the socket opened and
to have the client potentia… Continue reading why CVE-2019-0231 is critical? [closed]
I would like to use mitm transparent mode with wireguard
So I tried this
mitmweb –mode wireguard 0 (3.656s) < 19:02:30
[19:02:32.784] ——… Continue reading mitmproxy with wireguard to log all network traffic on my machine (arch linux): SERVAIL Recursive question
I know that TLS MitM can get HTTP/S traffic decrypted when using certificates.
I’m wondering if it has the ability to decrypt the Apple Airdrop protocol as well as it doesn’t go through a server and uses WiFi Direct to create a peer-to-pee… Continue reading Can a TLS MITM decrypt Apple Airdrop files?
I’m working on a very limited client (based on Poky from the Yocto Project), on which I want to redirect all http/https requests to my other machine on the same network. I have nftables available on the target and verified this, by success… Continue reading Redirect all outgoing http and https requests to Burp using nftables
I have a small intranet, in which I have complete control over its deployment. I can even do MiTM, packet inspection/injection etc.
There is a router and then there are 5 users behind the routers.
The issue I am facing is that I cannot ide… Continue reading Identifying user behind a router [closed]
It’s a well-known secret that inkjet ink is being kept at artificially high prices, which is why many opt to forego ‘genuine’ manufacturer cartridges and get third-party ones instead. Many …read more Continue reading Man-in-the-Middle PCB Unlocks HP Ink Cartridges
As I learn more about cyber security, I’m seeing a greater number of ambiguous acronyms (within the same field of cyber security) for various attacks. I was confused when reading articles that refer to MITM in differing manners. Besides th… Continue reading MITM/MTM – Vague Acronym Meanings in Cyber Security [closed]
Suppose that my certificate authority issues private certificates using the same chain for all of their customers. Does this mean that a malicious actor who happens to be another one of their customers can easily perform an MiTM without a … Continue reading Are my internal systems susceptible to MitM if the root/chain is shared amongst all customers?
I go to a secondary school and want to use my Macbook Air to type out long essays. The school won’t allow anyone to connect to the WiFi unless we download an SSL certificate (the file is labelled as WebScreenCert). I’ve researched it and t… Continue reading My school wants me to download an SSL certificate to connect to WiFi. Can I just avoid doing anything private while on the WiFi?
I have an interesting problem to tackle, let’s say we have different clients for an app that we serve some JSON documents. If, perchance, some leak happens I’d like to know from which client the leak happened, knowing that we have like a c… Continue reading Security measures with JSONs watermarking and such