On 16/05/2016 12:53 p.m., Eliezer Croitoru wrote:
> Hey Amos,
>
> You are right that it seems like there is no point since you already
> decrypt the connection.
> But in the real world the price of maintaining an encrypted session for
> many users for a long period is not the same as maintaining
Hey Amos,
You are right that it seems like there is no point since you already
decrypt the connection.
But in the real world the price of maintaining an encrypted session for
many users for a long period is not the same as maintaining them for
short burst.
Since all YouTube traffic is done
I was wondering to myself, If I can generate certificates and bump the
connection, I can use a 302\308 to redirect all traffic from https to a
http(intercepatble) connection.
Then on the http interceptor rewrite the request into https.
I have a working setup which uses a redirection "attack" to