metasploit-framework/modules
Ramon de C Valle 5d6c15a43d Add openssl_altchainsforgery_mitm_proxy.rb
This module exploits a logic error in OpenSSL by impersonating the
server and sending a specially-crafted chain of certificates, resulting
in certain checks on untrusted certificates to be bypassed on the
client, allowing it to use a valid leaf certificate as a CA certificate
to sign a fake certificate. The SSL/TLS session is then proxied to the
server allowing the session to continue normally and application data
transmitted between the peers to be saved. This module requires an
active man-in-the-middle attack.
2015-07-15 22:36:29 -07:00
..
auxiliary Add openssl_altchainsforgery_mitm_proxy.rb 2015-07-15 22:36:29 -07:00
encoders Fix #5596 by catching RuntimeError from Rex::Poly 2015-06-24 15:17:33 -05:00
exploits Land #5728, Arch specification for psexec 2015-07-15 15:36:27 +00:00
nops Fix up comment splats with the correct URI 2014-10-17 11:47:33 -05:00
payloads Land #5541, add more compat fixed-cmd 64-bit BSD payloads 2015-07-13 21:01:55 -05:00
post Module cleanup 2015-07-11 19:40:21 +01:00