Questions tagged [man-in-the-middle]
42 questions
0
votes
1 answer
Non proxy aware client, (mitm)proxy modification of headers
What I am trying to achive
Pulling data, using a SaaS service, from a remote site with a simple GET request to mitmproxy. The SaaS service is not proxy aware.
I want the SaaS web client to do a GET request to mitmproxy, basically like this:
GET…
xeet
- 300
- 2
- 7
0
votes
2 answers
Can a man in the middle intercept an SSL package and duplicate it?
AFAIK, SSL will encrypt the message under secure. But I still have the concern whether or not a man in the middle can catch the package and duplicate it e.g. 1000 times
Lewis LE
- 1
- 1
0
votes
0 answers
is there a man in the middle attacking to my server machine?
My server works well about half a year. But a strange thing happened (several hours before).
This server has two IP-address 58.17.85.19 & 117.21.178.19
When I navigate to http://58.17.85.19, nothing different as before.
But http://117.21.178.19 will…
GongT
- 53
- 1
- 1
- 6
0
votes
2 answers
Man-In-The-Middle with a VPN?
I'm doing some researches for university and, before wasting a lot of time into it, I'd like to know if what I've got in my mind can be done.
I'm talking about a simple MITM attack but, in my scenario, the victim is forced to use a VPN to access the…
StepTNT
- 123
- 2
- 7
0
votes
3 answers
Log an Application's Network Activity with Process Monitor and/or Fiddler or something else
I've got a bit of a tricky application I need to monitor. Its a Java .jnlp file. Using Process Monitor, I've been able to identify it (its instance of javaw) going out to the other servers in my network; however, running Fiddler, it shows no…
Nate
- 2,151
- 6
- 26
- 41
0
votes
1 answer
Apache2: proxying all except one single file
I have a problem with MSDN Academy that they didn't solve. Unfortunately, the ISO image of Windows Server 2008 on their servers is misnamed. By using Wireshark, I found that the downloader erroneously tries to download a file that starts with…
usr-local-ΕΨΗΕΛΩΝ
- 2,359
- 7
- 34
- 52
0
votes
3 answers
Ettercap - packet injection / alteration
So I have a proxy setup using squid on port 3128.
I also have ettercap setup.
My main goal is to change data as it flows through my proxy.
Basically, you open up www.something.com using my proxy, it displays "lala", and I want to alter "lala"…
Adrian A.
- 85
- 1
- 2
- 12
0
votes
1 answer
Can you self-host a DNS server with custom domains and still get TLS?
I assume the easy answer here is no, but I'm wondering the following. Without having to pre-install a certificate on each client, can I get TLS support for domains if I self-host a DNS server?
For example:
I host a DNS server that maps…
user38643
- 103
- 2
0
votes
1 answer
Redirect TLS traffic by hostname
I have an IoT device that connects to a.iot.x.amazonaws.com at port 8883 (secure MQTT).
I would instead like it to connect to my own site at b.iot.x.amazonaws.com (same port and protocol). I would like to use network tools to redirect the traffic. I…
0
votes
1 answer
HTTPS and MITM attack
VPN companies claim that your sensitive data can be intercepted. But what I know is that as long as I stick with HTTPS, no MITM attack is successful at present. Am I right?
Bhavya Gupta
- 111
- 3
0
votes
1 answer
Reading and manipulating traffic between two ethernet nodes
I have two machines, directly connected via LAN cable. Each has their own IP, and they are communicating in their own VLAN.
10.10.10.99/25 for machine #1, 10.10.10.16/25 for machine #2, vlan 0x50. I cannot change any of the IPs, netmasks,…
-1
votes
1 answer
Set up Ubuntu server to intercept traffic directed at another IP and send it to Apache?
I'm trying to reverse-engineer the protocol used by HP ePrint. For some reason the printer responds with an error when I override the DNS to point to my own local server, so I decided to create a static routing entry on the router to send traffic…
flarn2006
- 111
- 5