this post was submitted on 06 Jul 2024
860 points (100.0% liked)

196

16450 readers
1814 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] kahdbrixk@feddit.de 17 points 4 months ago (1 children)

That kind of ssl interception would normally be quite visible without your client device having the pineapples cert in your devices trust store, or am I wrong?

[โ€“] beveradb@lemm.ee 8 points 4 months ago* (last edited 4 months ago)

I'm sure a lot has changed in 10 years ago so this won't be relevant today, but back when I was last playing with this, sslstrip was the tool I was using on the pineapple to enable SSL mitm attacks - https://github.com/moxie0/sslstrip

I'd imagine there are new techniques to counteract new defenses - this stuff is always cat & mouse