SecurityTubeBeta Watch ... Learn ... Contribute |
 |
 |
 |
 |
 |
  |
|
Sniffing SSL Traffic using SSLStrip
Moxie MarlinSpike released SSLStrip at Blackhat this year to demonstrate how easy it is to actually break SSL security, by simply replacing all "https://" URLs in a webpage with "http://" ones and then doing an MITM relaying between the Server and the Client. The basic idea is that the victim Client and attacker communicate over HTTP, and the attacker and Server, communicate over HTTPS using the Server's certificate. Thus, the attacker is able to see all the traffic in clear from the Client. Moxie's detailed talk is available for viewing here.
In this video Myownremote (myownremote [] googlemail [] com) shows a nice demo of the SSLStrip tool and how to use it with Ettercap effectively to sniff the SSL traffic of a victim. This is a recommended watch! We have also have another demo of the SSLStrip tool on SecurityTube here.
Thanks go out to Myownremote for submitting this video to SecurityTube. You can visit this blog for more interesting articles on security and hacking.
In this video Myownremote (myownremote [] googlemail [] com) shows a nice demo of the SSLStrip tool and how to use it with Ettercap effectively to sniff the SSL traffic of a victim. This is a recommended watch! We have also have another demo of the SSLStrip tool on SecurityTube here.
Thanks go out to Myownremote for submitting this video to SecurityTube. You can visit this blog for more interesting articles on security and hacking.
We hate these ADs as much as you do! Help us stay FREE and CLEAN by making a Generous Donation!
Related Videos from: Exploit Demos (14)
 |  |  |  |  | |
You are Viewing this Video Now! | |||||
5723 views | 3392 views | 1258 views | 3743 views | 1759 views |
Author
Anonymous Submission
©2007 Freak Labs |