-
List of To-Dos:
- Add findings
- Web server DoS
- MITM HTTPS connection of the web server (LAN)
- ~~NetCloud "Insecure Activation" bug~~
- ~~NetCloud RCE~~
- ~~mitmproxy PoC~~
-…
-
Attack: Associate IP address with Bitcoin address when client performs balance lookup for that address by decrypting (or observing plaintext) traffic as MITM attacker.
Countermeasure: (strongest) Use…
-
### Platform
AWS
### bndiagnostic ID
not applicable
### Error output from `curl`
output fragment from `curl -sv https://myip.bitnami.com/`:
```
* Server certificate:
* subject: CN…
paxan updated
2 months ago
-
Hello,
The main page and read me documentation contains insecure links. The lack of SSL/TLS could lead to MITM / Session Hijacking or other types of attacks. Apache/Nginx should be configured to e…
-
I´m trying to access a specific website ('https://esaj.tjsp.jus.br/cposg/search.do'), that works good on all major browsers. However on secret-agent I get an error. I already tired to use the `process…
-
```
2024/04/27 08:17:31 [228] WARN: Cannot handshake client REDACTED.cz read tcp 192.168.64.176:443->24.144.112.6:60418: read: connection reset by peer
2024/04/27 08:17:31 [229] WARN: Cannot handsha…
-
Hi,
When I attempt to use pyrdp to proxy for non-Windows 10 versions of Windows, such as Windows Server 2003 R2, Windows XP SP3, and Windows 7, I consistently encounter the following errors:
```
…
-
@jpwsutton
## Description of Bug:
Try to connect to tls/ssl domain and the subject domain in the certificate is from another domain. The result is connection is success. This behavior allow put…
jarpz updated
2 years ago
-
https://github.com/rancher/k3s/issues/1763
There are two issues here:
1. kine does no provide `ServerName` for tlsConfig, so can't verify by name...
2. kine does not set `InsecureSkipVerify` to…
-
如题,尝试在cloudflare里面将tls版本设置为1.3,agent模式下(其他模式没测试)会出现错误如下:
2019-03-21 22:28:14.724 CST,main.go:475, WARNING ,"Agent is not safe, don't use it to access your important data"
2019-03-21 22:28:14.724 CST…