Avoid invalid ssl certificate popup ?

Printable View

06-07-2011, 09:00 AM
ronin101

Avoid invalid ssl certificate popup ?

Is there a tool or a method to avoid the "invalid certificate" browser popup when sniffing ssl traffic ?

I've expiremented with ettercap and webmitm and also sslstrip

But I'm wondering if it's possible to keep the ssl connection (not like sslstrip) and yet sniff the traffic without the warning ?
Could it be possible to put our own face certificate on the victim's machine to avoid further popup ? I'm interested in any method practical or theoretical.

Thanks
07-24-2011, 04:24 PM
Stan464

Re: Avoid invalid ssl certificate popup ?

Don't think so, depending on the browser of choice, it will warn the user that the certificate is possibly fraudulent, you could try by adding your own SSL Details, i know there's an option for it somewhere, but you will need to set a generic one for soemthing like "Verisign" but it may or may not work.

All times are GMT. The time now is 06:14 PM.