[Crypto-chi] Man-in-the-Middle Attack?
Brian Kroll
brian at fiberoverethernet.com
Sun Jul 26 03:52:16 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
As we all know the Tor Browser has been hardened compared to plain
vanilla Firefox. Hardening includes more stringent checks on SSL/TLS
certificates, and the interaction with sites that use those
certificates. The site has a shit certificate and a shit set-up on their
web server, and the Tor Browser will have none of that!
Makes me question how secure that site really is. Especially as a former
user of it.
//Brian
eviljoel:
> Hey Brian,
>
> But why does the certificate come up fine in Firefox? (Certificate
> Pinning?) Was the cert you looked at from Firefox or the Tor Browser?
>
> Thanks,
> eviljoel
>
> On 07/21/2015 09:46 PM, Brian Kroll wrote:
>> They totally botched the certificate set-up in IIS by not installing the
>> certificate in IIs 6.0 correctly (there is a wizard to do it), and also
>> they are using a wild-card cert with no authority chain. >_<
>>
>> //Brian
>>
>>
>> eviljoel:
>>> Hey All,
>>
>>> So I was looking into attending B-Sides Las Vegas which is at the
>>> Tuscany hotel. I tried accessing the following URL over Tor to inquire
>>> about room availability:
>>
>>> https://www2.tuscanylasvegas.com/smsworld/wc.dll?smsWorld~Availbox~&wsi=port
>>
>>> I get a certificate error: sec_error_unknown_issuer
>>
>>> I tried accessing the site using several different Tor circuits and got
>>> the same thing.
>>
>>> However, I tried the same URL outside of Tor and get a certificate
>>> signed by GoDaddy.com. Is this a man-in-the-middle attack or is there
>>> some legitimate reason for this?
>>
>>> Thanks,
>>> eviljoel
>>
>>
>>
>>> _______________________________________________
>>> cryptoparty-chi mailing list
>>> cryptoparty-chi at groups.sshchicago.org
>>> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>>
>> _______________________________________________
>> cryptoparty-chi mailing list
>> cryptoparty-chi at groups.sshchicago.org
>> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>>
>
>
>
> _______________________________________________
> cryptoparty-chi mailing list
> cryptoparty-chi at groups.sshchicago.org
> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJVtFlmAAoJEFjBjkteF9VaNKYQANm8a9tKUk0dNBAEPm2TgykY
/SWTjUANXviIl2QtI1J6VPH3nPx5er0mTJ53umPsPZ4OQdQ98SXswt4MfnrSgT8T
3lJ9qoOKwRnYoFDGrD3FijLysOgBBANbcZ1xTkF4WgUWG/cuDB0qjpOVoF+CqzHH
rPADL4yYGxC0OPYM6XfyC7/SfmNVJSeZlaT5ta5zN7uWMzHUuj6bOFatpBKGCiBd
tY5gyfTLA3/u8Lcqv+U48QkxjDKQDCevDf0+MXPqyU04mzTAUMxgkuy3Ph/Ne8q7
dPH1pyj/L6GS3DkcHRy8wncLYHzvJdTvgSM6DnChlCGNw066CPOdkqqzG6ROdQ4R
WxpA28MUbdy2ML9Fs+62vmENWt/syTD96k8sb6HfXSvNF1liAkOLBoLhlgicRjGv
3Sr3JzsvvQZ9dC3rzpGTWX3By5a9yUawXR+EomeJH2yqQttLVDqdc6Suonltctyy
FOXpe/6gjrvTzaI/D/5w7SD9zos0qRyElU+YYxorgIrifirYHX6RJSN24/qz/od2
2VPAJEWy/NnqSs7kjDKAH8ttSjHLGvMo8GtFwwtIYZ0jm/eXjn8CMcEEh4Q+ZoLz
ZZoM89hiG0lLvGPC3g0RX4MXn+miwU1In2hNiZAo7rKp+Xn7gu/XZ20+IXBk3u7M
PEbXvXrmJB9kkay4gfKR
=GWLk
-----END PGP SIGNATURE-----
More information about the cryptoparty-chi
mailing list