Jump to content

Bait and Switch


Paladin
 Share

Recommended Posts

I have played around with arp poison attacks and dns redirection and stuff and am curious if there is something out there that will allow someone to use that type of attack or jasager type attack to feed unsecure sites to people requesting said site in secure fashion. Sorry couldn't think of a nice one line way of saying it so let me try with example.

Victim: types into browser http://www.gmail.com

Attacker: goes to http://gmail.com gets all items

Attacker: rebuilds page and serves it up to allow password to send in clear text

Victim: sees same page as if you went to gmail but without the security.

I know I can do this manually by saving the page and serving it up by redirecting them to my faked page but I was curious if there was an automatic jasager style way to accomplish this. This way I do not have to know what site they are going ahead of time and there is no warning of security certificates not matching there is just no security period.

Any info on this would be much appreciated.

Link to comment
Share on other sites

Cain has a feature that does the pw stealing bit, but you would be suprised what people would do with two txt boxes on a page, and a padlock image top right! The myspace proxy scam comes to mind...

My focus is not in stealing the password that is in plain text ala cain. My focus is in automatically recreating the website in an unsecure fashion. I know how to do it manually no prob what I am looking for is an automated fake site generator.

Link to comment
Share on other sites

the trouble with cloning a web site that uses SSL to not use SSL is that it would be very difficult to spot all references that link or point to the server using SSL in an automated way. The only real way to do this is make a copy of the site, manually replace all the links and test that it works, then perform a DNS redirect or poisoning attack to send then to your server instead.

Alternatively do a SSL interception attack.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...