Super_gamer46861@lemmy.world to Cybersecurity@sh.itjust.worksEnglish · 1 month agoA covert reverse shell using TLSmessage-squaremessage-square12fedilinkarrow-up121arrow-down10file-text
arrow-up121arrow-down1message-squareA covert reverse shell using TLSSuper_gamer46861@lemmy.world to Cybersecurity@sh.itjust.worksEnglish · 1 month agomessage-square12fedilinkfile-text
minus-squarelurch (he/him)@sh.itjust.workslinkfedilinkEnglisharrow-up2·1 month agothis only works, if the client doesn’t know the server yet or disregards an already known key (you know, like SSH or web browsers telling you the key has changed)
minus-squareClemaX@lemm.eelinkfedilinkEnglisharrow-up2·edit-21 month agoI don’t think that browsers do that. There is HSTS but I think that it only checks if the connection is using TLS.
this only works, if the client doesn’t know the server yet or disregards an already known key (you know, like SSH or web browsers telling you the key has changed)
I don’t think that browsers do that. There is HSTS but I think that it only checks if the connection is using TLS.