How exactly does SSL stripping work?
I have been studying a lot regarding cryptography these days.
I tried to learn the in-depth operations of SSL stripping, but I got stuck at a point, so I thought of asking here.
As far as I have learnt, first the attacker captures or listens to the victim's traffic with ARP spoofing/ARP poisoning (in most cases), applies SSL stripping, decodes the traffic and passes it back as "http" traffic to the victim. This is how I assume SSL stripping works.
Now my questions are:
1) How exactly is an attacker decrypting the plaintext from the encrypted connection without having the private key? I want to understand the exact logic behind the decryption.
2) And doesn't the SSL encryption have any data integrity verifying mechanisms in it?
3) Is the SSL encryption being used now very weak?
Hope someone may clear my doubts....
You're not decrypting the SSL encryption at all. And no, SSL encryption is not weak. You are using an MITM attack to intercept the packets and "strip" the SSL, thus getting the plaintext.
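The reply above makes the key point: stripping is an MITM on the plaintext side, not a break of the encryption, so it only works while the victim's browser is willing to make a plain HTTP request at all. As an added example (not from the thread), here is a defender-side Python check of the HTTP Strict-Transport-Security (HSTS) policy that removes that plaintext first request; the function names, the one-year threshold and the sample headers and hostnames are my own constructed assumptions.

```python
# Added example (not from the thread): evaluate a server's HSTS header and
# model the browser decision it changes. A browser with a cached HSTS policy
# upgrades to HTTPS before sending anything, so a stripping MITM on the path
# never receives a plaintext request to rewrite. All data below is constructed.

ONE_YEAR = 31_536_000  # seconds; chosen here as the minimum "strong" max-age


def parse_hsts(value: str) -> dict:
    """Parse a Strict-Transport-Security header value into its directives."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for raw in value.split(";"):
        name, _, arg = raw.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            arg = arg.strip().strip('"')
            if arg.isdigit():
                policy["max_age"] = int(arg)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
    return policy


def hsts_verdict(headers: dict) -> str:
    """Classify a response's HSTS posture as 'missing', 'weak' or 'strong'."""
    lookup = {k.lower(): v for k, v in headers.items()}
    if "strict-transport-security" not in lookup:
        return "missing"
    policy = parse_hsts(lookup["strict-transport-security"])
    if not policy["max_age"]:          # absent or max-age=0 (policy cleared)
        return "missing"
    if policy["max_age"] < ONE_YEAR or not policy["include_subdomains"]:
        return "weak"
    return "strong"


def browser_request_scheme(host: str, hsts_cache: dict) -> str:
    """Scheme a browser uses for a typed hostname, given its HSTS cache
    (host -> includeSubDomains flag). Exact hosts always match; a parent
    domain matches only if it was cached with includeSubDomains."""
    labels = host.lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in hsts_cache and (i == 0 or hsts_cache[candidate]):
            return "https"
    return "http"   # plaintext first hop: the only request a stripper can act on


# Constructed sample responses a scanner might have collected.
NO_HSTS = {"Content-Type": "text/html"}
WEAK_HEADERS = {"Content-Type": "text/html", "Strict-Transport-Security": "max-age=300"}
STRONG_HEADERS = {"Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload"}
```

Sites whose verdict is "missing" leave every fresh visit strippable; "weak" policies expire quickly or leave subdomains unprotected, which is why the public preload list demands a year-long max-age with includeSubDomains.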
Some SSL encryptions are harder to crack than others; there's SSL 3 now, the old MD5-based SSL certs are a lot easier to crack, and there are also 128-bit then 256-bit encryption levels. But to be honest I don't think it's that useful, as nearly anyone can strip SSL now.
So SSL stripping works like this, correct me if I am wrong:
While the encrypted traffic is passed through the attacker, the attacker uses a method to remove the encryption and send the plaintext (i.e. HTTP) traffic to the victim.
OK, if SSL strip works like the above, here are some more questions:
1) In the same way, can we strip out SSH or any kind of encrypted traffic?
2) Suppose a victim is using multiple encryptions; what will happen?
For example, say a victim is using a VPN, and inside the VPN he is using some SSH tunneling to access the Gmail account, so at this stage there are 3 layers of encryption,
i.e. SSL for the VPN, SSH encryption, and another SSL for Gmail. Now at this junction, is it possible for an attacker to strip out these multiple encryptions?
3) Also, why are the SSL encryption developers not developing a technology that can verify data integrity like the IPsec standards? Why are they merely developing some complex algorithms and focusing more and more on increasing the strength of the encryption? Why are they not focusing on data integrity at all?
I am a bit confused about those developers....