Collaborate Disseminate
A couple of my friends have been in a kind of pickle recently. There have been attempts to hack their Telegram accounts and hackers somehow learned their one time pass codes but the login attempts were thwarted because my friends had long … Continue reading Is it possible that Telegram’s OTP has been hacked?
If you could dump the flash from your smart toothbrush and reverse engineer it, enabling you to play whatever you wanted on the vibrating motor, what would you do? Of …read more Continue reading Sniffing Passwords, Rickrolling Toothbrushes
Assume client computer is A, server computer is B, and there is another computer C. Computer C is trying to intercept the data, and interpret the content. Assume A, B, C are all on the same wifi network in the same room (that is to say, th… Continue reading Data sniffing through WiFi connection [closed]
I thought I would be protected from sniffing if I use a VPN, even in a setting where my traffic is going through a «man-in-the-middle» either by ARP poisoning or an evil twin attack.
Now I was told, that when connecting to the VPN the init… Continue reading Can an attacker sniff the encryption details when connecting to a VPN? [duplicate]
It says on sources that promiscuous mode is required to sniff traffic that is not intended for corresponding NIC.
Network adapters with promiscuous mode can’t accept unicast traffic
intended for other VMs or traffic between other VMs with… Continue reading Why do I need promiscuous mode? Can I not sniff without promiscuous mode? [closed]
We have a project at university about MITM attacks and our focus is to show how one can get into the communication between two endpoints, given different circumstances and security measures (that we decide).
Since I don’t have much knowled… Continue reading how to use a self signed certificate to intercept traffic in MITM attack [closed]
I’ve been researching the main TLS 1.1 vulnerabilities, and from what I’ve seen, TLS 1.2 only improves the cryptographic hash functions, because TLS s 1.1 are broken.
If these hash functions are vulnerable, is there any way to break TLS 1…. Continue reading Are there any attacks against TLS 1.1 encryption?
I tried sniffing TLS web traffic on my own network and I always run against the following complications:
I need to install an additional root cert on my devices
I need to root my phone to do certificate pinning bypass
For a government th… Continue reading How can authoritarian governments sniff TLS encrypted traffic on mass scale?
Let’s say I’m using http connection over a properly set up VPN with secure protocol and implementation. Then, most likely, the connection will be secure all the way until it exits the VPN server.
But since the traffic is unencrypted, sensi… Continue reading How easy is it for hackers to intercept http traffic between VPN exitnode and the destination web service without being inside the VPN or web server?
I watched a documentary where hackers entered a victim’s house by pretending to be from the ISP and then connected a box to a router in order to spy on all of the victim’s traffic. Later, the hackers retrieved many passwords, e.g., iCloud … Continue reading What is the name of the box that hackers connect to a router in order to spy on all your traffic?