On Fri, Sep 24, 2010 at 7:21 PM, Harisfazillah Jamel <[email protected]> wrote: > Tittle should be man in the minddle attack.. > > ettercap can be used to capture packet. But its hard to get our > password in HTTPS protocol. I believe a kind of proxy is used for > this. > > Any idea what kind of proxy? >
Basically "we" (the attacker in this case) can decrypt the password or any data in HTTPS because "we" provide the fake certificate. that's the reason of MITM. > > On Fri, Sep 24, 2010 at 7:04 PM, Hasanuddin Abu Bakar <> wrote: >> ARP poisoning can be used.ettercap >> >> On 24 Sep 2010 19:02, "Harisfazillah Jamel" <[email protected]> wrote: >>> Assalamualaikum and salam sejahtera, >>> >>> Would like to share this blog post. >>> >>> http://blog.mohdhanif.com/aku-telah-berjaya-di-hack/ >>> >>> How man in the middle attack can be used in this case? >>> >>> Thanks. > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > _______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
