You are viewing a single thread.
View all comments View context
17 points

That kind of ssl interception would normally be quite visible without your client device having the pineapples cert in your devices trust store, or am I wrong?

permalink
report
parent
reply
8 points
*

I’m sure a lot has changed in 10 years ago so this won’t be relevant today, but back when I was last playing with this, sslstrip was the tool I was using on the pineapple to enable SSL mitm attacks - https://github.com/moxie0/sslstrip

I’d imagine there are new techniques to counteract new defenses - this stuff is always cat & mouse

permalink
report
parent
reply