» Blog Archive » A proof of concept exploit for the man-in-the-middle vulnerability related to SSL/TLS

A proof of concept exploit for the man-in-the-middle vulnerability related to SSL/TLS

Nov 8th, 2009 by carrumba

This is the document with the proof of concept which explains the attack on the SSL/TLS reconnect vulnerability. It allows to inject data into the encrypted data stream, often without detection by either end of the connection.

I normally don’t publish exploit codes because of it’s short time value. But this one is rather special. It shows an alternative to the techniques we use here (the human factor as weakness). It’s a design flaw.

Read the document here.

tags: Attack, SSL, TLS, Vulnerability

posted in Reading material, Stuff

But please respect the commenting rules. Critizism is appreciated and also general comments of course. If you're rude, I have to delete your comment. Also use your personal/nick name but avoid using business names. Have fun and thanks for participating the discussion.

Search for
Places
Categories
- Antivirus (4)
- Articles (16)
- Bot sources (1)
- C# (10)
- Carding (4)
- Coders corner (12)
- Crypto (3)
- Deutsch (7)
- External tools (20)
- Info (7)
- News & media (110)
- Off topic (9)
- Phishing (1)
- RAT sources (5)
- Reading material (14)
- Stuff (59)
- Tools & sources (67)
- Worm sources (4)
Recommended
- slotshero.com free slots
Archives
- http://bit.ly/aSf23y who wants to give it a try ? 02:27:09 PM September 01, 2010 from web
- i rewrote the proxy server+the CONNECT method is supported now.the first bots are already there.i'll send updates if sth. intresting happens 08:34:33 AM August 31, 2010 from web
Blogroll

A proof of concept exploit for the man-in-the-middle vulnerability related to SSL/TLS

Leave a comment

Search for

Places

Categories

Recommended

Archives

Blogroll