|
|
|
|
posted in Info on Dec 6th, 2010
G’morning. I’ll spend my time this week on a new tool for MITM attack on HTTP layer. This asks for (Win)Pcap skills which I still don’t really posses even after some days of black belt ninja Pcap-Training. Maybe the basics to build a sniffer and parse the packet data are there but it’s not enough [...]
posted in Coders corner, Tools & sources on Oct 13th, 2010
Tool name : OpenProxy Description : OpenProxy is a small PERL HTTP proxy server script. It listens on the well known proxy ports and waits for incoming requests. The idea behind this script is to filter out the interesting traffic like HTTP/FTP authentication data and eavesdrop connections where the HTTP proxy is used for [...]
The last weeks I was tinkering around on an old HTTP proxy skript I wrote about one year ago. This script doesn’t contain any rocket science skills and you have the same or probably even more functionality with any other HTTP proxy. Implementing the server in PERL allows me to extend, modify and adjust it [...]
posted in External tools, Tools & sources on Aug 11th, 2009
At BlackHat DC 2009 Moxie Marlinspike demonstrated how to subvert HTTPS with SSLStrip. SSLStrip intercepts HTTP traffic, watches for HTTPS links inside the data stream and maps these HTTPS links to HTTP. Whenever a victim clicks on such a mapped HTTPS link SSLStrip will notice it and act as a HTTP2HTTPS proxy server. All the [...]
posted in Articles on May 6th, 2009
In the first part of this series I wrote about the different ways how attackers propagate malware by sending an infectious executable file or an USB memory stick to their victims or let them pick up an infected file in a file sharing network like emule or bittorrent. In this article, as promised in the [...]
© 2012 all rights reserved.