this post was submitted on 06 Jul 2024
853 points (100.0% liked)
196
16673 readers
42 users here now
Be sure to follow the rule before you head out.
Rule: You must post before you leave.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
That kind of ssl interception would normally be quite visible without your client device having the pineapples cert in your devices trust store, or am I wrong?
I'm sure a lot has changed in 10 years ago so this won't be relevant today, but back when I was last playing with this, sslstrip was the tool I was using on the pineapple to enable SSL mitm attacks - https://github.com/moxie0/sslstrip
I'd imagine there are new techniques to counteract new defenses - this stuff is always cat & mouse