Implement NTP HSTS Bypass Attack

sensepost / mana

*DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM

https://w1f1.net/

Other

1.09k stars 275 forks source link

Implement NTP HSTS Bypass Attack #10

Open DrDinosaur opened 10 years ago

DrDinosaur commented 10 years ago

Just heard about this technique: https://www.blackhat.com/docs/eu-14/materials/eu-14-Selvi-Bypassing-HTTP-Strict-Transport-Security-wp.pdf

Would be great if this could be added.

racude commented 9 years ago

Yeah, definately.

singe commented 9 years ago

Great idea, time is short though, I'd love a pull request!

Greenjam94 commented 7 years ago

Any update on when HSTS bypass will be implemented? I've read two articles that says its possible, but running the lastest install of mana on Kali nethunter, I can't get around HSTS headers.

References:

https://www.pwnieexpress.com/blog/bypassing-hsts-ssl-with-the-mana-toolkit
https://cyberarms.wordpress.com/2014/10/16/mana-tutorial-the-intelligent-rogue-wi-fi-router/