Přístupnostní navigace
E-application
Search Search Close
Publication detail
PLUSKAL, J. VESELÝ, V.
Original Title
SSL/TLS Interception Workshop
Type
presentation
Language
English
Original Abstract
The presentation introduces methods for intercepting TLS/SSL connections. The focus is on man-in-middle attack employing TLS/SSL proxy and other ways how to obtain session's private keys. Speakers will outline necessary theory (including the history of SSL/TLS framework design), well-known attacks (including OpenSSL Hearthbleed, Logjam or BEAST) and industry standard tools (such as Wireshark, NetFox Detective, Fiddler Proxy and SSL-Split). The session will also include a live demonstration of MitM attack on HTTPS connections enhanced with form-logging JavaScript injection. Participants will receive free of charge access to test-bed, which consists of real devices (and their traffic) including the prototype of our hardware probe decrypting SSL/TLS on-the-fly.
Keywords
SSL, TLS, MitmM
Authors
PLUSKAL, J.; VESELÝ, V.
Released
28. 5. 2019
Location
Praha
Pages count
60
URL
https://www.fit.vut.cz/research/publication/12146/
BibTex
@misc{BUT176466, author="Jan {Pluskal} and Vladimír {Veselý}", title="SSL/TLS Interception Workshop", year="2019", pages="60", address="Praha", url="https://www.fit.vut.cz/research/publication/12146/", note="presentation" }
Documents
veselyv_isseurope2019-tlsssl.title.pdf