Publication Details

SSL/TLS Interception Workshop

PLUSKAL Jan and VESELÝ Vladimír. SSL/TLS Interception Workshop. Praha, 2019.
Czech title
Workshop na analýzu obsahu SSL/TLS
Type
audiovisual production
Language
english
Authors
Keywords

SSL, TLS, MitmM

Abstract

The presentation introduces methods for intercepting TLS/SSL connections. The focus is on man-in-middle attack employing TLS/SSL proxy and other ways how to obtain session's private keys. Speakers will outline necessary theory (including the history of SSL/TLS framework design), well-known attacks (including OpenSSL Hearthbleed, Logjam or BEAST) and industry standard tools (such as Wireshark, NetFox Detective, Fiddler Proxy and SSL-Split). The session will also include a live demonstration of MitM attack on HTTPS connections enhanced with form-logging JavaScript injection. Participants will receive free of charge access to test-bed, which consists of real devices (and their traffic) including the prototype of our hardware probe decrypting SSL/TLS on-the-fly.

Published
2019
Pages
60
Place
Praha, CZ
Back to top