Posted

Hello Folks,

 

I am actually facing the problem with HSTS when I perform MITM,

I would like to know if I could filter the website I want to track during the attack, example: don't redirect www.facebook.com to my MITM

 

Thanks in advance !

Posted

I've been using straight up arpspoof and dnsspoof with hosts file changes, but HSTS will block that quickly. I tried mitmf (man in the middle framework), which claims it can do SSL strip and HSTS blocking, but sadly, I couldn't even get it to hook my test box for any site, at all. Getting it to work would be nice though since it has a host of things it can do from injecting keylogger via JavaScript injection to various types of MITM attacks with the SSL/HSTS being the one I wanted to test. Google seems to block with HSTS while something like AOL.com was hit or miss for me with the arp and dns spoof alone. Sometimes I got my default apache page for local web server, other times it loaded the https site, so if that HSTS header is seen, it's pretty hard to block as browsers know not to load the page. My Opera browser testing for google put up an error about possible security issue, so browsers are also getting smarter to some extent, and I think certain sites like Google for one, have some hard coded/saved data for known HSTS sites (but don't quote me on that).

Posted
11 minutes ago, digininja said:

Think you are talking about HSTS preloading

https://scotthelme.co.uk/hsts-preloading/

That's great info. I knew Chrome did something like this, but I use Opera (which is based on Chrome in parts) and shares a lot of functions of Chrome and interface. This confirms my suspicions though that browsers have loaded site lists. Thank you!
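Added example, not part of any post in this thread: a site operator's check of a `Strict-Transport-Security` header value against the RFC 6797 parsing rules and the header requirements published for the HSTS preload list discussed above. The function names and the sample header strings used with it are constructed for illustration.

```python
import re

PRELOAD_MIN_AGE = 31536000  # one year, the minimum the preload list accepts


def parse_hsts(header):
    """Parse a Strict-Transport-Security value following RFC 6797 section 6.1."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    seen = set()
    for part in header.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, value = part.partition("=")
        name = name.strip().lower()          # directive names are case-insensitive
        if name in seen:                     # a repeated directive invalidates the header
            raise ValueError("duplicate directive: " + name)
        seen.add(name)
        if name == "max-age":
            value = value.strip().strip('"')  # the value may be a quoted-string
            if not re.fullmatch(r"\d+", value):
                raise ValueError("max-age must be a non-negative integer")
            policy["max_age"] = int(value)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
        # unknown directives are ignored, as the RFC requires
    if policy["max_age"] is None:
        raise ValueError("max-age is required")
    return policy


def assess(header):
    """Return a list of findings; an empty list means the header meets the preload requirements."""
    try:
        p = parse_hsts(header)
    except ValueError as exc:
        return ["invalid header, browsers ignore it: %s" % exc]
    findings = []
    if p["max_age"] == 0:
        findings.append("max-age=0 removes the host from the browser's HSTS cache")
    elif p["max_age"] < PRELOAD_MIN_AGE:
        findings.append("max-age below 31536000, not eligible for preloading")
    if not p["include_subdomains"]:
        findings.append("includeSubDomains missing, subdomains are not covered")
    if not p["preload"]:
        findings.append("preload missing, protection starts only after a first HTTPS response")
    return findings
```

Calling `assess()` on the header value a site actually returns over HTTPS shows which of these gaps leave it dependent on the browser having seen the header before.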
