Stack Overflow
Stack Overflow

Questions tagged [man-in-the-middle]

An attacker who interposes himself in the middle of a connection.

An attacker who interposes himself between a client and a server. He can perpetrate both passive (eavesdropping) and active (interjection or truncation) attacks. Secure protocols such as HTTPS can guard against these attacks when correctly implemented at all layers including the application layer.

215 questions
2
votes
3 answers

How to hide keys in application?

I have a C++ client/server application where the client and server are my executable. Each time a connection is made between the client and server, I generate a new encryption key for that session and I wish to transmit this session key and encrypt…
WilliamKF
  • 41,123
  • 68
  • 193
  • 295
2
votes
1 answer

Securing web server against MITM attack in Safari

I have been looking for a way to make sure my web server is secure against a man in the middle attack. It does seem that Google Chrome and Firefox work in blocking requests to my server even if I select to advance after the security warning. I am…
Bobbake4
  • 24,509
  • 9
  • 59
  • 94
2
votes
1 answer

Local VM changed ssh fingerprint

For the history, I have a local VM (Virtualbox) with OS debian and in this VM I have been developed a Web application. I log in with ssh protocol. Today, I'm facing a strange troubleshooting. I tried to connect with ssh to my local VM and got the…
nbompetsis
  • 61
  • 1
  • 7
2
votes
1 answer

How avoid man-in-the-middle attack when using Google Cloud Endpoints?

I'm currently writing my first android app and decided to use google cloud endpoints. I have secure my backend endpoints methods by following this docs : https://cloud.google.com/appengine/docs/java/endpoints/auth, …
Mattatyahu
  • 71
  • 4
2
votes
1 answer

Python - Man in the Middle

I want to catch a packet my computer is sending, modify it and send it. I can't use sniff, because it gives me a copy of the packet. The packet itself is sent. I want to stop the sending of the packet, change it and then send it forward - MitM…
tamird14
  • 481
  • 1
  • 6
  • 19
2
votes
1 answer

MAF Security: How to prevent a "Man-in-the-Middle" Attack

i am using MAF to offer user / customers the possibility to enhance our software. The Add-In will run with limited permissions and can be potentially untrusted code for us as well as for the customer in case they bought the add-in form a 3rd party…
Tobias Lorentz
  • 81
  • 5
2
votes
1 answer

Ettercap TCP packets type

Sorry if my question looks dumb, but I would like to understand the meaning of the letters written next to the packet transaction details of Ettercap when sniffing TCP packets, for example: Thu Apr 16 04:07:30 2015 TCP 192.168.1.100:1000 -->…
user2959923
  • 144
  • 1
  • 2
  • 14
2
votes
2 answers

Possibility of Man in the Middle Attack during TLS handshake

I have read through the previous discussion on the same topic here, here and a few other places. While I understand that during the course of TLS communication, a MiTM is quite not possible, what are the chances of MiTM attack during TLS…
proteann
  • 33
  • 1
  • 7
2
votes
2 answers

Embedding Image/Video Stream into webpage

I'm trying to create a PHP webpage that allow the visitor to see a video stream or an image coming from a webcam without allowing the visitors to grab it's original URL/URI. In other words, I have an ip camera operating at a given address:port and I…
Power Engineering
  • 713
  • 14
  • 26
2
votes
6 answers

Users get logged in automatically as different user

This sounds very weird. But currently users of our site is seeing this behavior randomly. When they browse anonymously the site they gets logged in as a different user. They got logged in as users which is actually currently logged into the system.…
chanchal118
  • 3,551
  • 2
  • 26
  • 52
2
votes
3 answers

Can a man-in-the-middle intercept an SSL packet and duplicate it?

AFAIK, SSL will encrypt the message under secure. But I still have the concern whether or not a man in the middle can catch the packet and duplicate it e.g. 1000 times
Lewis LE
  • 45
  • 5
2
votes
1 answer

Set up port forwarding for SSLSplit (Supports ipfw fwd only) on OSX Mavericks

I am trying to set up SSLSplit on OSX Mavericks according to this tutorial. I got it working on a Ubuntu Machine, so I know SSLSplit works just fine and the issue is only with packets not being forwarded to the port on which SSLSplit is listening on…
JohnVanDijk
  • 3,546
  • 1
  • 24
  • 27
2
votes
2 answers

Can't add a mitmproxy .p12 certificate to Windows programmatically

I want to programmatically install certificate into Windows for localhost MITM SSL sniffing. >certutil -addstore "TrustedPublisher" mitmproxy-ca-cert.p12 TrustedPublisher CertUtil: -addstore команда НЕ ВЫПОЛНЕНА: 0x80093102 (ASN: 258) CertUtil: В…
Nakilon
  • 34,866
  • 14
  • 107
  • 142
2
votes
3 answers

Secure connection between client and server

I'm developing a server component that will serve requests for a embedded client, which is also under my control. Right now everything is beta and the security works like this: client sends username / password over https. server returns access…
Pablo Fernandez
  • 103,170
  • 56
  • 192
  • 232
2
votes
1 answer

Man in the middle attack in LAN

I am pretty new in this kind of things. I have a local area network, accessed by some users via cable some and via wifi others. I have developed a local application in php which receives only some of the LAN clients as authentic users; they can be…
Nillus
  • 1,131
  • 1
  • 14
  • 32
1 2 3
14 15