Questions tagged [man-in-the-middle]

Man-in-the-middle (MITM) describes a type of security attack where a device that is physically or logically situated between the sender and receiver impersonates them.

48 questions
271 votes, 11 answers

Remove key from known_hosts

I built several virtual machines during the last few weeks. The problem is, the .ssh/known_hosts gives me the Man in the middle warning. This happens because another fingerprint is associated with the virtual machine IP. In the .ssh/known_hosts…
Adam Matan
127 votes, 8 answers

How do I deal with NET:ERR_CERT_AUTHORITY_INVALID in Chrome?

My work place intercepts SSL connections, looks at their contents, and then passes the data to and from my machine and remote hosts - a kind of man-in-the-middle attack. This is not uncommon in corporate or enterprise environments. Now I have a…
Richard
12 votes, 1 answer

How to remove Bitdefender root certificate from Firefox/Thunderbird/Chrome

I'm using "Bitdefender Antivirus Free Edition 1.0.9.54" on my Windows 10 home PC. Antimalware Engine 7.73769. During the last days I got a popup which asked me to shut down Firefox/Thunderbird/Chrome in order to install "Bitdefender Root…
7 votes, 1 answer

Repeater injected to my network?

I know this is not that kind of support website but on the other side I found my problem very fascinating so I'll post it anyway. Yesterday all of my machines disconnected from my home network. It took a while until they could reconnect again. Then…
Lama
7 votes, 1 answer

Inspecting websocket traffic with proxy

I'm using Charles Proxy to inspect traffic from my Android apps. I have the phone configured to proxy all traffic through Charles, which is installed on my PC. Everything has worked thus far (HTTP/HTTPS traffic) except for websocket traffic. I have…
blizz
4 votes, 2 answers

Router eavesdropping on SSH tunnel?

So I'm on a public WiFi network that blocks websites like YouTube in order to conserve bandwidth. I'm assuming the router is monitoring all traffic and rejecting all requests sent to the sites on its blacklist. In order to get around this, I tried…
eyuelt
4 votes, 0 answers

MITM the Android emulator

I am trying to man-in-the-middle the Android emulator so I can decrypt the SSL-traffic with sslsniff. The problem is that the traffic doesn't seem to get routed through sslsniff, even when I have added the iptables rules. sudo iptables -t nat -A…
user1049697
4 votes, 4 answers

Strange phishing attack?

When I log in to Wachovia/Wells Fargo/Amazon/PayPal, no matter the user/pass that I insert, I get a "we need to verify your information" page where they ask me everything, from the ATM PIN to my SSN to my mom's maiden name (LOL). Then, when I insert…
Magnetic_dud
4 votes, 5 answers

Unable to install sslstrip in Kali Linux with "apt-get install sslstrip" causes error "Unable to locate package sslstrip"

I have a Kali Linux VM provided by my university. It doesn't seem to have sslstrip preinstalled. When I try to install it, I get this error: root@kali:~# sudo apt-get update && apt-get install sslstrip Hit:1 http://kali.cs.nctu.edu.tw/kali…
Enzio
3 votes, 1 answer

How to use Charles as proxy to decrypt HTTPS messages in Wireshark?

I know I can view decrypted HTTPS data directly in Charles. But I want to view lower level SSL messages in Wireshark. So I set up Charles as the SSL proxy, using my own certificate, and I set up SSL dissector preference in Wireshark with local IP…
an0
3 votes, 4 answers

Detecting man-in-the-middle attacks?

There seem to be many possible ways to create man-in-the-middle attacks on public access points, by stealing the access point's local IP address with ARP spoofing. The possible attacks range from forging password request fields, to changing HTTPS…
Ilari Kajaste
3 votes, 2 answers

How does HTTPS avoid the key for encryption being sniffed in the first place?

When 2 computers establish an HTTPS connection, they have to resolve what key is going to be used, right? So, to do that, at some point the key has to travel unencrypted from one computer to another, no? At that moment, isn't it possible to a…
Zequez
3 votes, 1 answer

Open captive portal in regular browser?

I just read this question How does Firefox know my ISP login page? which made me think of a related issue: On all devices I have, the captive portal is opened using, I guess, a "browser view" rather than the regular browser. In some cases where I…
d-b
3 votes, 0 answers

MITM redirecting to my own NTP server, blocking traffic to Apple NTP pool

CONFIGURATIONS ipv4.forwarding 1 (ON) arp_cache_poisoning between VICTIM & D.G.. (192.168.1.100 & 192.168.1.1) **LAN** VICTIM: 192.168.1.100 ATTACKER: 192.168.1.105 DEFAULT GATEWAY: …
mhibert
3 votes, 1 answer

Paypal shows red https in chrome, and only in Chrome.. is this cause for concern?

Firefox seems to be OK with it, but I don't want to log in on any browser in case I have some malware doing this. However I can't seem to find anything, so I'm not sure what it is. Chrome says it's using TLS 1.2 and there are insecure resources on…
anonymous