Rocksolid Light

Welcome to Rocksolid Light

mail  files  register  newsreader  groups  login

Message-ID:  

Frankly, Scarlett, I don't have a fix. -- Rhett Buggler


computers / Hacking / Re: dns spoofing and certificates

SubjectAuthor
* dns spoofing and certificatesAnonymous
`- Re: dns spoofing and certificatesAnonymous

1
dns spoofing and certificates

<0870e59297d9284e59d62e902e38a948@news.novabbs.org>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=366&group=rocksolid.shared.hacking#366

 copy link   Newsgroups: rocksolid.shared.hacking
Path: i2pn2.org!.POSTED.10.136.143.187!not-for-mail
From: Anonymous@news.novabbs.org (Anonymous)
Newsgroups: rocksolid.shared.hacking
Subject: dns spoofing and certificates
Date: Tue, 22 Jun 2021 22:11:40 +0000
Organization: Rocksolid Light
Message-ID: <0870e59297d9284e59d62e902e38a948@news.novabbs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1"; posting-host="10.136.143.187";
logging-data="1570"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (www.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Rslight-Site: $2y$10$BNlvVYhoWw/n18.Y0rGFg.xarF0Vp55NLbIi4nq/N4BP9P.JQ4Nxa
 by: Anonymous - Tue, 22 Jun 2021 22:11 UTC

Hey everyone, i'd like to ask experienced guys in local network pentesting few questions about dns spoofing, cookie stealing and problems with self-signed certificates in browsers:

- Is it possible to steal someone else's secure cookies from spoofed domain on https in local network?
- Is it possible to somehow overcome 'self-signed cert' errors in browsers, when accessing spoofed domain with https, without installing the certificate to trusted ones? By 'overcome' i mean to not show the 'self-signed cert' error on user's behalf OR let the user choose whether or not to connect to domain.
--
Posted on Rocksolid Light

Re: dns spoofing and certificates

<b16f214f101e0bd3d7a621d0b732a7b1@news.novabbs.org>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=367&group=rocksolid.shared.hacking#367

 copy link   Newsgroups: rocksolid.shared.hacking
Path: i2pn2.org!.POSTED.10.136.143.187!not-for-mail
From: Anonymous@news.novabbs.org (Anonymous)
Newsgroups: rocksolid.shared.hacking
Subject: Re: dns spoofing and certificates
Date: Wed, 23 Jun 2021 05:08:50 +0000
Organization: Rocksolid Light
Message-ID: <b16f214f101e0bd3d7a621d0b732a7b1@news.novabbs.org>
References: <0870e59297d9284e59d62e902e38a948@news.novabbs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1"; posting-host="10.136.143.187";
logging-data="19416"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (www.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Rslight-Site: $2y$10$KWz1iOU8/kNqC30OL/vFCuV83uUJxlLMyE/fZ7isiJgflGLSbxytS
 by: Anonymous - Wed, 23 Jun 2021 05:08 UTC

Anonymous wrote:

> Hey everyone, i'd like to ask experienced guys in local network pentesting few questions about dns spoofing, cookie stealing and problems with self-signed certificates in browsers:

> - Is it possible to steal someone else's secure cookies from spoofed domain on https in local network?

I think it might be if you can accomplish what you ask below.

> - Is it possible to somehow overcome 'self-signed cert' errors in browsers, when accessing spoofed domain with https, without installing the certificate to trusted ones? By 'overcome' i mean to not show the 'self-signed cert' error on user's behalf OR let the user choose whether or not to connect to domain.

If you are inside the local network can you create your own cert auth and place your server cert on the client machine? If you can do that it may work. Otherwise you need a very clever worded pop up to get them to install your cert.
--
Posted on Rocksolid Light

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor