If I have got this right in my head it would be a simple enough task to combine arp spoofing on a public WiFi to redirect clients to an evil SSL server which sends malformed heartbeat requests or to set up a honeypot WiFi and use the box as a router.. not many people would notice this as most public WiFi hotspots redirect you to a login page on connection.. my question is what information can be gained from the client side attack (other than their private keys which in this usage case wouldn't be that valuable as we already have ssl strip etc..)?
Asked
Active
Viewed 1,041 times
2 Answers
2
Vulnerable clients are less of a problem than vulnerable servers. The major web browsers don't use OpenSSL for security, and most non-browser clients (eg. database interfaces or email programs) are rather picky about which servers they connect to.
Mark
- 34,390
- 9
- 85
- 134
-
But server addresses can easily be spoofed on a rogue ap with its own dns – Sam Aldis Apr 10 '14 at 10:37
0
dublicate actually
I have tested my self firefox and google chrome on my systems - looks like not affected
tested wget - affected - but probability that someone will use wget not high.
So for clients side all looks not so bad, because general user tools looks like not affected.
