Questions tagged [tls-intercept]

173 questions
0 votes, 1 answer

How Does SSL Orchestrator Work?

My organization recently added F5 SSL Orchestrator to our network that ended up breaking one of our SSL certs. There is an explanation of how SSL Orchestrator works from F5 here. The description from F5 explains that encrypted SSL traffic is…
0 votes, 3 answers

Nextgen firewalls - encrypted traffic inspection

I read recently about next generation firewalls that use deep-packet-inspection, intrusion-prevention and something the manufacturers call encrypted-traffic-inspection, encrypted-traffic-analytics. The manufacturers claim the encrypted traffic…
0 votes, 2 answers

Prevent SSL pinning bypasses

I want to understand if an end user is doing a MITM attack on my app and I want my API server to receive this. Is there any way I can hook an SDK or some listener that tracks which certificate is being used for outgoing / incoming requests at some…
TrueStar
0 votes, 1 answer

How to decrypt TLS traffic originating from a Windows service on my Windows 10 PC?

Some months ago I bought a peripheral device for my Windows 10 computer (think of something like a game controller). My home router has a function that allows it to capture all incoming and outgoing traffic of my home network. By chance I was…
0 votes, 1 answer

Need an alternative to SSL pinning for web applications

I am developing a web app and while testing it on Burp Suite I found that it is vulnerable to the proxy SSL certificate. I did some research and found that it was handled by a technique called SSL pinning. But the main problem in front of me is that…
Bond 007
0 votes, 0 answers

Authentication of client in one-way SSL

In the SSL diagram below: I have one doubt with 1-way SSL. If there is an interceptor in between the client and server who can alter it in the following way: In step 8, when the client is sending his symmetric key to the server, encrypted by the server's public key, if…
0 votes, 0 answers

Manual TLS decryption with master secret

Assuming I have the master secret from SSLKEYLOGFILE, client random, and server random, can I decrypt any TLS traffic captured? I've started from Golang's TLS implementation, pulled the connection stuff out, had it generate the keys and iv from the…
Daniel
0 votes, 0 answers

Monitor HTTPS URL logging of a specific device of a Network

Goal: The main goal is to monitor all the URL logging (HTTPS) of a specific device in my network. So I decided to buy a security tool, WiFi Pineapple, from the Hak5 store. Ex. Alexa, Chromecast, and maybe iPad. Steps (Windows 10 PC) I did: configured a…
code-8
0 votes, 2 answers

Reasons not to preserve the certification path on an intercepting HTTPS proxy

In this environment an intercepting HTTPS proxy is used for legitimate purposes and its CA root certificate is installed on all clients. Every HTTPS proxy solution I've seen so far simply signs a new certificate directly with the CA, not preserving…
Esa Jokinen
0 votes, 0 answers

Authentication Message in TLS

I was reading RFC8446-TLS13 and a TLS visualization and could not grasp some concepts. I have all the TLS connection data (client hello etc.) and SSL logs (server_traffic_handshake_secret). I see that authentication message is all handshake messages…
keser
0 votes, 0 answers

SSL stripping - initiate HTTPS or HTTP first?

I am quite confused. I have been reading about SSL stripping and what I have found is that: The client (victim) has to initiate the first connection via HTTP. The server will redirect to HTTPS - here is where interception and stripping occurs. But…
nachofest
0 votes, 0 answers

Is it safe to use HTTPS websites over an unknown PPTP VPN?

I want to create e.g. a Gmail account while connected to an unknown PPTP VPN. Is it safe, or can the owner of the PPTP VPN see my Gmail web page information, such as username or password, at all? Can the PPTP owner decrypt our information using our…
0 votes, 2 answers

Private key of SSL certificate

To create a certificate, first we need to fill a CSR and in the CSR we have to place our public key, and that key pair can be generated in different ways on different devices. To do SSH, we run command (crypto key generate RSA modules 1024) and generate…
0 votes, 1 answer

Why is subject verification an effective means to detect MitM attacks in TLS?

Say, an attacker fakes an original server certificate by a trusted CA using another certificate from the same CA in a Man-in-the-middle attack. Why can this be detected using subject verification on the client-side? (I'm not asking about the…
ig-dev
0 votes, 1 answer

Need for additional verification in mutual TLS authentication with own CA

Say, the goal is to facilitate secure communication between two parties. The definition of secure is that both parties can be sure that they are actually talking to a trusted party, not somebody else they can be sure that no third party is…