Help with security certifications? Hard Question
O.K. bare with me. This is kind of an in depth question, and i'm going to try and explain the best i can and it so it follows the rules here =]
I cant go into much detail without breaking any rules but if you think you know what i'm talking about feel free to PM me.
Here it goes:
After successfully cracking my WEP key I booted up ettercap (in GUI mode) and I can successfully "poison" my shitty old laptop easily. Now when i'm on the "poisoned" (shitty) laptop and try to log into any site (we will use facebook/gmail/myspace/my college as example) a security certification warning comes up. This is obviously suspicious, if i click accept and/or continue, etc. then the username/password is send to me like it should. but having that security certification is a problem.
so my question is: is there anyway to "spoof" or do something to trick the computer to think its the real site and not send a security certification.
I hope this makes sense.
Good friend of the forums
Haven't really thought about it, but if you try connecting out to a server on the internet the proxy forwards it to the real site, and the proxy does all the ssl trans and then uses its on encrytion to your computer that ettercap doesn't know then it should work.
Alot of programming though
Im pretty sure that it only happens in IE7 or Mozilla because they were trying to fix that very exploit. which browser are you using?
no it happens in all browsers i tried
so is there anyway around this