Super_gamer46861@lemmy.worlddeleted by creator to Cybersecurity@sh.itjust.worksEnglish · 2 years agoA covert reverse shell using TLSmessage-squaremessage-square12linkfedilinkarrow-up122arrow-down10file-text
arrow-up122arrow-down1message-squareA covert reverse shell using TLSSuper_gamer46861@lemmy.worlddeleted by creator to Cybersecurity@sh.itjust.worksEnglish · 2 years agomessage-square12linkfedilinkfile-text
minus-squarelurch (he/him)@sh.itjust.workslinkfedilinkEnglisharrow-up2·2 years agothis only works, if the client doesn’t know the server yet or disregards an already known key (you know, like SSH or web browsers telling you the key has changed)
minus-squareClemaX@lemm.eelinkfedilinkEnglisharrow-up3·2 years agoI don’t think that browsers do that. There is HSTS but I think that it only checks if the connection is using TLS.
this only works, if the client doesn’t know the server yet or disregards an already known key (you know, like SSH or web browsers telling you the key has changed)
I don’t think that browsers do that. There is HSTS but I think that it only checks if the connection is using TLS.