[Crypto-chi] Man-in-the-Middle Attack?
Dan Massoglia
dmassoglia at gmail.com
Sun Jul 26 03:57:21 UTC 2015
Sorta on this topic, Andrew Case's recent guide is excellent for browser
config issues: https://gist.github.com/atcuno/3425484ac5cce5298932
On Jul 25, 2015 10:55 PM, "Brian Kroll" <brian at fiberoverethernet.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> As we all know the Tor Browser has been hardened compared to plain
> vanilla Firefox. Hardening includes more stringent checks on SSL/TLS
> certificates, and the interaction with sites that use those
> certificates. The site has a shit certificate and a shit set-up on their
> web server, and the Tor Browser will have none of that!
>
> Makes me question how secure that site really is. Especially as a former
> user of it.
>
> //Brian
>
> eviljoel:
> > Hey Brian,
> >
> > But why does the certificate come up fine in Firefox? (Certificate
> > Pinning?) Was the cert you looked at from Firefox or the Tor Browser?
> >
> > Thanks,
> > eviljoel
> >
> > On 07/21/2015 09:46 PM, Brian Kroll wrote:
> >> They totally botched the certificate set-up in IIS by not installing the
> >> certificate in IIs 6.0 correctly (there is a wizard to do it), and also
> >> they are using a wild-card cert with no authority chain. >_<
> >>
> >> //Brian
> >>
> >>
> >> eviljoel:
> >>> Hey All,
> >>
> >>> So I was looking into attending B-Sides Las Vegas which is at the
> >>> Tuscany hotel. I tried accessing the following URL over Tor to inquire
> >>> about room availability:
> >>
> >>>
> https://www2.tuscanylasvegas.com/smsworld/wc.dll?smsWorld~Availbox~&wsi=port
> >>
> >>> I get a certificate error: sec_error_unknown_issuer
> >>
> >>> I tried accessing the site using several different Tor circuits and got
> >>> the same thing.
> >>
> >>> However, I tried the same URL outside of Tor and get a certificate
> >>> signed by GoDaddy.com. Is this a man-in-the-middle attack or is there
> >>> some legitimate reason for this?
> >>
> >>> Thanks,
> >>> eviljoel
> >>
> >>
> >>
> >>> _______________________________________________
> >>> cryptoparty-chi mailing list
> >>> cryptoparty-chi at groups.sshchicago.org
> >>> http://groups.sshchicago.org/listinfo/cryptoparty-chi
> >>
> >> _______________________________________________
> >> cryptoparty-chi mailing list
> >> cryptoparty-chi at groups.sshchicago.org
> >> http://groups.sshchicago.org/listinfo/cryptoparty-chi
> >>
> >
> >
> >
> > _______________________________________________
> > cryptoparty-chi mailing list
> > cryptoparty-chi at groups.sshchicago.org
> > http://groups.sshchicago.org/listinfo/cryptoparty-chi
> >
> -----BEGIN PGP SIGNATURE-----
>
> iQIcBAEBCgAGBQJVtFlmAAoJEFjBjkteF9VaNKYQANm8a9tKUk0dNBAEPm2TgykY
> /SWTjUANXviIl2QtI1J6VPH3nPx5er0mTJ53umPsPZ4OQdQ98SXswt4MfnrSgT8T
> 3lJ9qoOKwRnYoFDGrD3FijLysOgBBANbcZ1xTkF4WgUWG/cuDB0qjpOVoF+CqzHH
> rPADL4yYGxC0OPYM6XfyC7/SfmNVJSeZlaT5ta5zN7uWMzHUuj6bOFatpBKGCiBd
> tY5gyfTLA3/u8Lcqv+U48QkxjDKQDCevDf0+MXPqyU04mzTAUMxgkuy3Ph/Ne8q7
> dPH1pyj/L6GS3DkcHRy8wncLYHzvJdTvgSM6DnChlCGNw066CPOdkqqzG6ROdQ4R
> WxpA28MUbdy2ML9Fs+62vmENWt/syTD96k8sb6HfXSvNF1liAkOLBoLhlgicRjGv
> 3Sr3JzsvvQZ9dC3rzpGTWX3By5a9yUawXR+EomeJH2yqQttLVDqdc6Suonltctyy
> FOXpe/6gjrvTzaI/D/5w7SD9zos0qRyElU+YYxorgIrifirYHX6RJSN24/qz/od2
> 2VPAJEWy/NnqSs7kjDKAH8ttSjHLGvMo8GtFwwtIYZ0jm/eXjn8CMcEEh4Q+ZoLz
> ZZoM89hiG0lLvGPC3g0RX4MXn+miwU1In2hNiZAo7rKp+Xn7gu/XZ20+IXBk3u7M
> PEbXvXrmJB9kkay4gfKR
> =GWLk
> -----END PGP SIGNATURE-----
> _______________________________________________
> cryptoparty-chi mailing list
> cryptoparty-chi at groups.sshchicago.org
> http://groups.sshchicago.org/listinfo/cryptoparty-chi
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://groups.sshchicago.org/pipermail/cryptoparty-chi/attachments/20150725/ff826e9d/attachment.html>
More information about the cryptoparty-chi
mailing list