Publication Details

Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP3.0

PLUSKAL, J.; VESELÝ, V. Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP3.0. ISS World Europe 2022, Praha: 2022. p. 0-50.
Czech title
Zachycování a shromažďování webových důkazů v době TLS1.3 a HTTP 3.0
Type
presentation
Language
English
Authors
Pluskal Jan, Ing., Ph.D. (DIFS)
Veselý Vladimír, Ing., Ph.D. (DIFS)
Keywords

web scraping, TLS/SSL, MitM, HTTP

Abstract

The end-to-end HTTPS encryption and the volatile nature of web content make any
interception and collection of data on the Internet a  challenge. The
presentation introduces methods addressing both of these phenomena intercepting
TLS/SSL connections with the help of man-in-the-middle attack employing proxy and
automatically creating snapshots of problematic web pages.  Speakers outline
necessary theory (including news about TLS 1.3, HSTS, HTTP3.0), well-known
attacks (e.g., renegotiation, downgrade, cipherspec change,  and others), and
industry-standard tools for traffic analysis (such as Wireshark, Fiddler proxy,
SSL-Split) and decoding (e.g., Selenium, Scrapy). The session will include a live
demo of MitM attack on HTTPS connection enhanced with covert extraction of form
data, which would be later used to periodically web scrape and archive protected
content.

Published
2022
Pages
50
Place
ISS World Europe 2022, Praha
BibTeX 
@misc{BUT179383,
  author="Jan {Pluskal} and Vladimír {Veselý}",
  title="Intercepting and Collecting Web Evidence in the Times of TLS1.3 and HTTP3.0",
  year="2022",
  pages="50",
  address="ISS World Europe 2022, Praha",
  note="presentation"
}
Back to top