Description:
This video shows that with SSL encryption, it isn't secure. Proof of this is seen by showing a web based email (Google Mail) & online bank (PayPal) password.
How does this work?> Performing a 'Man In The Middle' attack therefore all the traffic flows through the attacker.
> Picks out HTTP traffic from port 80 and then packet redirection / forwarding onto a different port.
> SSLStrip is then listening on that port and removes the SSL connection before passing it back to the user.
> ettercap then picks out the username & password.
Thanks goes out to g0tmi1k for referring this video to us.
You can read the full blog post here.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments: