Publication Details

Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP3.0

PLUSKAL, J. Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP3.0. Dubaj: 2022. p. 0-0.
Czech title
Zachycování a shromažďování webových důkazů v době TLS1.3 a HTTP 3.0
Type
presentation
Language
English
Authors
Pluskal Jan, Ing., Ph.D. (DIFS)
Abstract

The presentation introduces methods for intercepting TLS/SSL connections. The focus is on man-in-the-middle attack employing proxy and other ways how to obtain unencrypted content of the TLS/SSL session. Speakers outline necessary theory (including news about TLS 1.3), well-known attacks (e.g., renegotiation, downgrade, cipherspec change, and others) and industry-standard tools (such as Wireshark, NetFox Detective, Fiddler Proxy and SSL-Split). The session also includes a live demonstration of the MitM attack on HTTPS connections enhanced with form-logging JavaScript injection. Participants will receive free of charge access to the testbed, which consists of real devices (and their traffic), including the prototype of our hardware probe decrypting SSL/TLS on-the-fly.

Published
2022
Pages
60
Place
Dubaj
BibTeX 
@misc{BUT177255,
  author="Jan {Pluskal}",
  title="Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP3.0",
  year="2022",
  pages="60",
  address="Dubaj",
  note="presentation"
}
Back to top