Vivek Ramachandran Posted February 20, 2009 Share Posted February 20, 2009 This presentation will demonstrate some new tools and techniques that allow attackers to silently alter, inject, and log traffic intended for secure transmission by SSL/TLS in common web applications such as online banking or secure webmail logins. It builds off of the SSL exploit tools and research on the failure of browsers to validate BasicConstraints that I published in 2002, and will include demonstrations of a new tool for exploiting current use patterns as well as some data gathered from field testing in the real world. Video of the entire presentation: http://securitytube.net/Defeating-SSL-usin...hat)-video.aspx Presentation slides: http://www.blackhat.com/presentations/bh-d...feating-SSL.pdf Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.