I know that man in the middle (mitm) can be in passive mode : forward, or active mode : modify trafic and forward...
But Can mitm open a page, in firefox for example, to connect on a website where i was logged.
Is this possible ?
Asked
Active
Viewed 23 times
1 Answers
1
Yes, as you say, the man-in-the-middle can modify the traffic. So when you request a page, he/she can easily return an HTTP 302 to another page, or insert some JavaScript to set the document.location.href of your document.
If your traffic is encrypted using https, this is not possible.
MvdD
- 22,082
- 8
- 65
- 93
-
ok i understand. So if i am logged to a site, the hacker in the mitm, even without knowing my password, can browse my personnal page on the site ? – Voyageur2000 Sep 30 '15 at 17:57
-
1A hacker that can see you traffic in clear text, can steal your session cookie or access token and do anything you can do. – MvdD Sep 30 '15 at 18:09
-
ok i see ! thanks ;) https certificate is needed to protect against that – Voyageur2000 Sep 30 '15 at 18:11