Pwnd2Pwnr Posted September 13, 2012 Share Posted September 13, 2012 CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions | The Hacker News - Security Blog The creators of BEAST (Browser Exploit Against SSL/TLS) claim to have found a vulnerability in HTTPS. "Once they had the cookie, Rizzo and Duong could return to whatever site the user was visiting and log in using their credentials."... Hackers make jobs! Quote Link to comment Share on other sites More sharing options...
Life like Opossum Posted October 6, 2012 Share Posted October 6, 2012 Is this anything like gathering session tokens? This seems like a bit more work as it requires that the cookie be decrypted before it can be used. Correct me if I'm off here, but I just feel like this has already been done before. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.