man-in-the-middle – Page 26

Can a man-in-the-middle replay a valid X.509 certificate? [duplicate]

Posted on March 28, 2021 by user120513

Consider the following scenario:

M (who will later be the man-in-the-middle) connects via https to bank.com. He saves the X.509 certificate (or certificate chain) received from bank.com.

Alice starts a https connection to bank.com.

M in… Continue reading Can a man-in-the-middle replay a valid X.509 certificate? [duplicate]→

Manage API key on mobile platform

Posted on March 25, 2021 by Mathis

As I am currently working a lot with mobile applications a question arised:
How to properly store and transmit API keys within mobile applications?
When I analyze mobile applications most of the times it is easy with the right tool to extr… Continue reading Manage API key on mobile platform→

Prevent ssl pinning bypasses

Posted on March 16, 2021 by TrueStar

I want to understand if end user is doing MITM attack on my app and i want my API server to receive this. Is there any way i can hook an SDK or some listener that tracks which certificate is being used for outgoing / incoming requests at s… Continue reading Prevent ssl pinning bypasses→

Facebook and Yahoo 2FA SMS codes from odd numbers [duplicate]

Posted on March 11, 2021 by hyperio

When logging in to Facebook/Yahoo mail, I receive my 2FA codes from random numbers. Here are some examples (I have a Romanian phone number, hence the country codes):
+40 747 691 103
+40 727 347 814
+40 758 942 742
+40 759 158 056

and the … Continue reading Facebook and Yahoo 2FA SMS codes from odd numbers [duplicate]→

Can CloudFlare intercept traffic of a "DNS only" subdomain?

Posted on March 8, 2021 by Lucas Bustamante

I care about privacy and I use Cloudflare as a reverse proxy to block malicious bots from my website.
I have the mail subdomain for my self-hosted e-mail traffic, which is a subdomain marked as "DNS only" in CloudFlare:

I don’t … Continue reading Can CloudFlare intercept traffic of a "DNS only" subdomain?→

How to prevent SSH host impersonation attacks?

Posted on February 6, 2021 by Ashraf Yassin

I have an SSH server, where users can login to with their username and password. I want to prevent attacks that try to steal the user’s passwords.
Is there a way to prevent an impersonation attack on my SSH server?
The attack scenario:

Us… Continue reading How to prevent SSH host impersonation attacks?→

Is HTTPS over LAN effective?

Posted on February 5, 2021 by Cipher Visor

From my understanding, while HTTPS does not stop a mitm, it makes it so the mitm cannot read the plaintext requests. But, the mitm could still tamper with the public/private keys anyways, so in came the use of encryption certificate compan… Continue reading Is HTTPS over LAN effective?→

Can you automate an LLMNR request that will also send NetNTLM hash?

Posted on February 2, 2021 by dlowrie290

I am looking to create a Windows AD Hacking Lab that will consist of 2 machines, DC and Client, and I have a shared folder on the DC.
I want to create a scheduled task or something to that effect that will allow me to capture an NetNTLM ha… Continue reading Can you automate an LLMNR request that will also send NetNTLM hash?→

Can a middleman intercept a message via https? [closed]

Posted on February 2, 2021 by io Lathief

The client sends a request to the server. The message is encrypted so the middlemen can not read it. Does this mean the middle man can not even modify / edit data (the encrypted data)?
e.g. The message is {value: 100}. A middleman blindly … Continue reading Can a middleman intercept a message via https? [closed]→

intercept TCP traffic on compromised router

Posted on January 25, 2021 by Kuze

I have this configuration
GATEWAY1 <—-> ROUTER <—> GATEWAY2

I am on the compromised router, and I want to intercept/block the packets that come from G1,edit them , and forward on Gateway 2,acting as a MiTM.
I know that I c… Continue reading intercept TCP traffic on compromised router→