Thread: Undetectable MITM/SSL in WLAN Network?

  1. #1
    Maniaxx (Junior Member; Join Date: May 2008; Posts: 38)

    Undetectable MITM/SSL in WLAN Network?

    Hello,
    Let's say there are several clients in a WLAN and someone is using Thunderbird or Firefox with SSL (let's say Gmail/POP3...) to receive emails. If someone (in the same WLAN) sets up a MITM attack, is it possible that the client doesn't get notified about the attack? Or, in other words, is a perfect MITM attack possible in the intranet before entering the internet? I'm not sure, but isn't SSL auth done between the AP and the destination (Gmail) only, and everything before or after is vulnerable? I think I read in the forum that SSL itself always knows about the security breach. It's only the programs that do not give proper error messages. Is that true?

    I sniffed with Wireshark and handshaking was done with the Gmail servers directly, but you never know whether someone (in the WLAN) will set something up later. I don't want to run Wireshark all the time. It's a shared WLAN by design, but you never know what people are doing late at night, so I'm wondering if everything really remains private if no error comes up when I get my emails.

  2. #2

    The user should be presented with an invalid certificate pop-up and be asked if they want to accept it or not, or should get a Firefox "certificate error page" (can't remember the exact name, it's what happens with invalid certs when using newer Firefox versions).

  3. #3
    Maniaxx (Junior Member; Join Date: May 2008; Posts: 38)

    Ok, so SSL itself is safe against MITM attacks. Thanks!

  4. #4
    KMDave (Moderator; Join Date: Jan 2010; Posts: 2,281)

    Well, given the right amount of CPU power, you could create an SSL certificate by using an MD5 hash collision, causing it to look like the original certificate of a site, but it will be working for your computer information (IP, name etc).

    Fortunately people won't have the necessary hardware for quite some time. Or would you purchase around 200 PS3s?
    Tiocfaidh ár lá

  5. #5
    Good friend of the forums (Join Date: Jun 2008; Posts: 425)

    Firefox with SSL
    There was a way on Firefox that, if you knew what site they were going to, and it was https, you could send their cert, but they would have had to have gone to the site before (cache).
    Try milw0rm; if you can't find it I will post it, it's just a couple of lines of HTML code.

  6. #6
    htons139 (Just burned his ISO; Join Date: Sep 2008; Posts: 23)

    Moxie Marlinspike has developed a tool called sslstrip that can trick browsers into thinking they are on an SSL/HTTPS secured site when in fact they are not. The implication is that all the traffic from the regular HTTP site could then be easily collected by an attacker since the information is not secured. Search the forum for "ettercap & sslstrip"
    In a world where data is the coin of the realm, and transmissions are guarded by no better sentinels
    than man-made codes and corruptible devices, there is no such thing as a secret

  7. #7
    kazalku (Member; Join Date: Feb 2009; Posts: 416)

    Originally posted by Maniaxx:
    "Ok, so SSL itself is safe against MITM attacks. Thanks!"
    I don't think so.....

  8. #8
    Maniaxx (Junior Member; Join Date: May 2008; Posts: 38)

    But if you (or the software) check for valid certificates it should be safe. If I get it right, none of these methods can fool that.
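
The certificate checking discussed in the posts above, as an added example that is not part of the original thread: a Python POP3-over-SSL client context with verification on, next to one with it off, and an audit of both. The function names and the host passed to `open_mailbox` are assumptions made for illustration.

```python
import poplib
import ssl


def strict_context():
    """Client context that verifies the chain and the server name."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED, check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def lax_context():
    """Weak setting, for contrast: any certificate is accepted silently."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # has to be switched off before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return the reasons a context would not notice an interposed host."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("server name is not matched against the certificate")
    return findings


def open_mailbox(host, ctx=None, port=995, timeout=10.0):
    """Open POP3 over SSL, refusing any context that skips verification."""
    ctx = ctx or strict_context()
    problems = audit_context(ctx)
    if problems:
        raise ValueError("refusing to connect: " + "; ".join(problems))
    # With a strict context a certificate that fails validation aborts the
    # handshake with ssl.SSLCertVerificationError before any login is sent.
    return poplib.POP3_SSL(host, port, timeout=timeout, context=ctx)


if __name__ == "__main__":
    for name, ctx in (("strict", strict_context()), ("lax", lax_context())):
        print(name, audit_context(ctx) or "verification enabled")
```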

  9. #9
    imported_fridash (Junior Member; Join Date: Dec 2008; Posts: 51)

    "Ok, so SSL itself is safe against MITM attacks. Thanks!"
    All fixed set patterns are incapable of adaptability or pliability. The truth is outside of all fixed patterns.

    Bruce Lee

  10. #10
    imported_vvpalin (Member; Join Date: Apr 2009; Posts: 442)

    sslstrip

    /Thread
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.
