Le mer 06/08/2003 à 14:42, e247net a écrit : > Does anyone had successfully used webmitm to > prove the > vulnerability of SSL which I am trying as well with dsniff - webmitm but > of no success.... when " victim" initiated the connections > to SSL sites .. the "attack" runnning webmitm shows error = > client process xxx terminated with status 0 ... can you help ?? thanks I do not have specific answer for webmitm, but I use another tool that is useful in this case, sslsniff : http://www.thoughtcrime.org/ie.html This tool exploit IE basic constraints verification flaw, but can do the trick for classical SSL MitM. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Aug 06 2003 - 11:03:51 PDT