Questions tagged [tls-intercept]
The tls-intercept tag has no usage guidance.
183
questions
1
vote
1
answer
88
views
How exactly do corporate companies decrypt employee SSL/HTTPS traffic on company owned corporate devices? [duplicate]
I understand that corporate companies can/do decrypt employee SSL/HTTPs traffic because the company owned device has a company owned SSL certifiate.
I thought the first certificate would encrypt the ...
- 155
0
votes
1
answer
144
views
Can a VPN company perform a MiTM attack if SSL Pinning is in place?
Recently, I read news about Facebook acquired the Onavo VPN company to monitor Snapchat users' traffic. It seems they executed a Man-in-the-Middle attack by replacing the certificate. But could they ...
0
votes
3
answers
220
views
Does TLS interception necessarily require a self-signed certificate? Please explain why
A brief schema of a TLS intercepting proxy - the Client connects to the Host via the Proxy in a way which allows the Proxy to perform a (consensual) MITM.
[Client] -> [Proxy] -> [Host]
It's ...
- 511
1
vote
0
answers
91
views
Triple handshake (TLS) EMS protection against attacks
In TLS we have such an extension as EMS (extended master secret).
It has been applied to protect the master secret. But I don't understand how it helps against triple handshake attack.
I assume that ...
- 11
1
vote
2
answers
275
views
How can I enhance the security of SSL pinning in my mobile app to prevent certificate exposure?
For example, let's say my backend address is api.xyz.com, and I have a mobile application. This application sends requests to api.xyz.com. The application employs SSL pinning, where it pins the ...
2
votes
0
answers
924
views
Couldn't establish a secure connection
NordVPN popped up with
"Couldn't establish a secure connection." "We couldn't validate this
TLS certificate and ensure a secure connection required for NordVPN to
run. It looks like ...
- 21
0
votes
1
answer
170
views
Connect to corporate wifi with personal phone - decrypt https?
Someone asked regarding wifi yesterday but can't find the post anymore.
When connecting to corporate wifi with my personal iPhone for first time, I am asked to trust a "Root CA". However, I ...
13
votes
1
answer
4k
views
SSL issue captures Facebook app send out traffic
I tried to capture the send-out traffic of the Android app (Google Drive, Facebook, etc.). This is my security thesis.
I succeed capture send-out traffic on the Google Drive app with Mitmproxy but ...
- 233
1
vote
0
answers
205
views
Central Web Proxy vs Endpoint Protection
Imagine the following imaginary scenarios:
In order to browse the Internet, users must go through a central web proxy. It is authenticated and can enforce rules about who can access which URLs or ...
2
votes
1
answer
2k
views
Is SSL pinning bypass considered a vulnerability? If yes, what are the tightening/solution suggestions?
I'm a pentester and this is my first question here. I've managed to circumvent the ssl certificate pinning implementation on a few mobile apps.
Frankly, the applications I test are critical bank ...
- 35
1
vote
1
answer
814
views
Can messages be intercepted when in airplane mode?
Recently started turning my phone on airplane mode and it got me curious. Airplane mode is supposed to turn off all radio signals. So, I won’t be able to receive or send messages (emails aswell, and ...
- 27
0
votes
0
answers
123
views
Check insecure connection with script
I'm checking connections that traffic data in plain text, example: **http://**site.com
but I'd like to check with some script.
Does anyone know any scripts or how I can use openssl to find out if a ...
2
votes
1
answer
2k
views
Can a HTTP proxy see HTTPS traffic?
I was checking some things with the (Chromium) inspect tool and I saw that if you go to the 'Network' section the IP address wasn't the actual DNS A (IPv4) or AAAA (IPv6) IP address but the Proxy IP ...
- 31
4
votes
1
answer
274
views
x509 certificates are still exposed even with Encrypted Client hello?
Encrypted Client Hello hides Server Name Indication (SNI). However, looking at the TLS Handshake (https://tls12.ulfheim.net/). Wouldn't it be possible for a middle-man to inspect the TLS Handshake and ...
- 141
3
votes
2
answers
9k
views
How is man-in-the-middle attack prevented in TLS? [duplicate]
As I understand the original master key, which is used to encrypt the application data is never transmitted over the wire and it is calculated on both client and server individually using a hashing-...
- 131