Jump to content

Existing user? Sign In
Sign In

Remember me Not recommended on shared computers

Forgot your password?

Or sign in with one of these services
Sign Up

Browse
- Forums
- Staff
- Online Users
- More
Activity
Leaderboard
More
- More

Security

Tls 1.0 > Vuln

Pwnd2Pwnr

By Pwnd2Pwnr
September 13, 2012 in Security

Share

Recommended Posts

Pwnd2Pwnr

Newbie

Pwnd2Pwnr

Posted September 13, 2012

- Share

Posted September 13, 2012

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions | The Hacker News - Security Blog

The creators of BEAST (Browser Exploit Against SSL/TLS) claim to have found a vulnerability in HTTPS.

"Once they had the cookie, Rizzo and Duong could return to whatever site the user was visiting and log in using their credentials."...

Hackers make jobs!

Quote

Link to comment

Share on other sites

4 weeks later...

Life like Opossum

Newbie

Life like Opossum

Posted October 6, 2012

- Share

Posted October 6, 2012

Is this anything like gathering session tokens? This seems like a bit more work as it requires that the cookie be decrypted before it can be used.

Correct me if I'm off here, but I just feel like this has already been done before.

Quote

Link to comment

Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest

Reply to this topic...

× Pasted as rich text. Paste as plain text instead

Only 75 emoji are allowed.

× Your link has been automatically embedded. Display as a link instead

× Your previous content has been restored. Clear editor

× You cannot paste images directly. Upload or insert images from URL.

Insert image from URL

×

Share

Go to topic listing

Recently Browsing 0 members
- No registered users viewing this page.

×

Browse
- Back
- Forums
- Staff
- Online Users
Activity
Leaderboard

×

Create New...