Le mer 06/08/2003 � 14:42, e247net a �crit :
> Does anyone had successfully used webmitm to
> prove the
> vulnerability of SSL which I am trying as well with dsniff - webmitm but
> of no success.... when " victim" initiated the connections
> to SSL sites .. the "attack" runnning webmitm shows error =
> client process xxx terminated with status 0 ... can you help ?? thanks
I do not have specific answer for webmitm, but I use another tool that
is useful in this case, sslsniff :
http://www.thoughtcrime.org/ie.html
This tool exploit IE basic constraints verification flaw, but can do the
trick for classical SSL MitM.
--
http://www.netexit.com/~sid/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE
---------------------------------------------------------------------------
----------------------------------------------------------------------------
