IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [tls-intercept]

173 questions
0
votes
1 answer

Format of finshed message when the cipher selected is "TLS_ECDH_ECDSA_WITH_NULL_SHA"

i wanted to understand difference in the "Finished message" when different cipher site selected with encryption and with out encryption. I am able to find the format of Finished message when the selected cipher suite includes encryption as…
kumar s
  • 5
  • 1
0
votes
2 answers

Intercepting Android 9 app-traffic

I used MitMproxy until recently I switched from the Samsung Galaxy S5 to the S9+ which runs Android 9... and suddenly I can't intercept apptraffic anymore. Looks like the proxy in the wifi-settings is ignored completely by apps? Aside from that I…
Phish
  • 1
0
votes
0 answers

Intercept mobile traffic using burp

I'm trying to intercept a mobile traffic of an android app I built using burp suite. I connect the mobile device to burp proxy, and install the CA. But I get a protocol error message, and couldn't see the traffic at the Proxy tab. 1563960835366…
Nirgn
  • 101
  • 3
0
votes
0 answers

TLS connection - Detecting data breach / manipulation

I need some help in creating a secure connection using TLS. I have a downloadable software that connects to our server using TLS connection. We want to ensure that the data sent by client to the server is secure and cannot be seen or manipulated by…
Rahul
  • 171
  • 3
0
votes
1 answer

One domain using certificate of other domain

I recently Googled a website e.g A.com and found B.com in search result at the top. In reality A.com should be on top as B.com doesn't have anything in common or related to A.com but Google shows it in search result at top. In fact all meta tags /…
Alkemi
  • 3
  • 1
0
votes
1 answer

HTTPS MITM Proxy breaks HTTPS

I tried to reverse engineer an Android APP using MITMProxy, and the Server responds with an unauthenticated-error. If the whole authentication would be using headers (Basic, etc...), the Proxy should forward those headers. And it does forward the…
Daniel D.
  • 11
  • 1
0
votes
0 answers

Proxying an Android application with Burp Suite

I'd like to proxy an Android application with Burp Suite. The application uses certificate pinning via OkHttp3. I solved this by modifying the source code, now the application accepts the certificates generated by Burp Suite's CA. The application…
PaperTsar
  • 123
  • 5
0
votes
2 answers

How to check Google SSL certificate?

I encountered this error on Google Chrome on my Windows 10. I solved it by installing the certificate and now it is working fine. I wonder, how do I know the certificate I have is legit? That is, that it actually comes from Google and not from a man…
lch
  • 103
  • 4
0
votes
1 answer

https: Is my company connection intercepted?

I wanted to find out whether my company can see what I'm posting online as soon as using websites using a valid https certificate. I know there are a lot of posts here about whether my company can find out which URLs I've visited. Now I wanted to…
tim
  • 851
  • 7
  • 13
0
votes
0 answers

How is a password intercepted on a website not using an SSL certificate

I have recently been working on an internal website at my current company. I am using Ajax and PHP to check that the username and password entered in the login fields match what is stored in the database. The Ajax script is storing the username and…
Edward Hall
  • 101
0
votes
1 answer

Do SSL proxies such as those from antivirus vendors hijack client processes?

In an attempt to understand the topic further, the following posts were reviewed. Why is 'avast! Web/Mail Shield Root' listed as CA for google.com? Are the certificates from “skype click to call” and “avast! Web/Mail Shield” any better than…
Motivated
  • 1,493
  • 1
  • 14
  • 25
0
votes
1 answer

How can I know the protocol versions supported at OpenSSL1.1.0g

How can I identify the versions (TLSv1.2, TLSv1.1, TLSv1.0, SSLv3, etc.) supported in OpenSSL1.1.0g when I manually compile it from its source (NOT the one shipped with the OS like ubuntu) without explicit disabling any version in the…
user9371654
  • 469
  • 1
  • 6
  • 15
0
votes
1 answer

Authenticating Certificate for School Wifi

My school wifi, which requires me to login using ny username and password, is requiring that I accept a certificate in order to connect. I don’t know if this is a trusted root certification but what does this certificate enable them to do? Does this…
Studenttryingtostudy
  • 3
  • 1
0
votes
1 answer

What problem would there be with an open private key for developers to use?

I always find it a pain to create a new key for development and I was thinking of doing something like this both for myself and to help other developers out: Register a domain like fakesite.com Get a wildcard ssl certificate Make both the…
Jason Goemaat
  • 592
  • 3
  • 7
0
votes
2 answers

Why did OCSP Must-Staple break BitDefender SSL interception

I use one of my website as a test for various TLS techniques. Recently I added OCSP Must-Staple to this domain. After a week I got a complaint from a user they were unable to visit the website. They got the error from Opera, Edge and Chrome. The…
ontrack
  • 186
  • 1
  • 3
1 2 3
11 12