Super_gamer46861@lemmy.world to Cybersecurity@sh.itjust.worksEnglish · 2 months agoA covert reverse shell using TLSmessage-squaremessage-square12fedilinkarrow-up122arrow-down10file-text
arrow-up122arrow-down1message-squareA covert reverse shell using TLSSuper_gamer46861@lemmy.world to Cybersecurity@sh.itjust.worksEnglish · 2 months agomessage-square12fedilinkfile-text
minus-squarelurch (he/him)@sh.itjust.workslinkfedilinkEnglisharrow-up2·2 months agothis only works, if the client doesn’t know the server yet or disregards an already known key (you know, like SSH or web browsers telling you the key has changed)
minus-squareClemaX@lemm.eelinkfedilinkEnglisharrow-up2·edit-22 months agoI don’t think that browsers do that. There is HSTS but I think that it only checks if the connection is using TLS.
this only works, if the client doesn’t know the server yet or disregards an already known key (you know, like SSH or web browsers telling you the key has changed)
I don’t think that browsers do that. There is HSTS but I think that it only checks if the connection is using TLS.