Přístupnostní navigace
E-přihláška
Vyhledávání Vyhledat Zavřít
Detail publikace
PLUSKAL, J. VESELÝ, V.
Originální název
SSL/TLS Interception Workshop (TLS1.3 edition)
Typ
audiovizuální tvorba
Jazyk
angličtina
Originální abstrakt
The presentation introduces methods for intercepting TLS/SSL connections. The focus is on man-in-the-middle attack employing proxy and other ways how to obtain unencrypted content of the TLS/SSL session. Speakers outline necessary theory (including news about TLS 1.3), well-known attacks (e.g., renegotiation, downgrade, cipherspec change, and others) and industry-standard tools (such as Wireshark, NetFox Detective, Fiddler Proxy and SSL-Split). The session also includes a live demonstration of the MitM attack on HTTPS connections enhanced with form-logging JavaScript injection. Participants will receive free of charge access to the testbed, which consists of real devices (and their traffic), including the prototype of our hardware probe decrypting SSL/TLS on-the-fly.
Klíčová slova
SSL, TLS, MitmM
Autoři
PLUSKAL, J.; VESELÝ, V.
Vydáno
3. 12. 2019
Místo
Kuala Lumpur
Strany počet
60
URL
https://www.fit.vut.cz/research/publication/12145/
BibTex
@misc{BUT161871, author="Jan {Pluskal} and Vladimír {Veselý}", title="SSL/TLS Interception Workshop (TLS1.3 edition)", year="2019", pages="60", address="Kuala Lumpur", url="https://www.fit.vut.cz/research/publication/12145/", note="presentation" }
Dokumenty
veselyv_issasie2019-tlsssl.title.pdf