Jump to content

Just another SSL MitM question


Sildaekar
 Share

Recommended Posts

Ok, so I know the basics of SSL, as well as HSTS but I recently got to thinking about MitM attacks using some sort of proxy such as mitmproxy.

The proxy would basically generate self-signed certs and send them to the client, and yes I know there would be that ugly popup. I recently, however, came across cert pinning and was wondering just how widespread this is? I mean for example if I visited https://google.com/ and attempted to sniff the password I entered using the method stated above would certificate pinning prevent this?

Also just how widespread is this practice?

My apologies but this is my first time hearing of this and all I know is what I read over at the security stackexchange.

Link to comment
Share on other sites

Further reading.

Basically, certificate pinning is a way by which the server ensures someone doesn't switch the cert on the client while the server cert is still valid, thus thwarting an MitM attack that involves SSL. It's like HSTS on steroids and the same rules apply: if you MitM before first contact, you can be successful. In all other cases your deception will be discovered by the client and it will subsequently refuse to communicate with you.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...