Super_gamer46861@lemmy.world to Cybersecurity@sh.itjust.worksEnglish · 27 days agoA covert reverse shell using TLSmessage-squaremessage-square12fedilinkarrow-up122arrow-down10file-text
arrow-up122arrow-down1message-squareA covert reverse shell using TLSSuper_gamer46861@lemmy.world to Cybersecurity@sh.itjust.worksEnglish · 27 days agomessage-square12fedilinkfile-text
minus-squarelurch (he/him)@sh.itjust.workslinkfedilinkEnglisharrow-up2·27 days agothis only works, if the client doesn’t know the server yet or disregards an already known key (you know, like SSH or web browsers telling you the key has changed)
minus-squareClemaX@lemm.eelinkfedilinkEnglisharrow-up2·edit-227 days agoI don’t think that browsers do that. There is HSTS but I think that it only checks if the connection is using TLS.
this only works, if the client doesn’t know the server yet or disregards an already known key (you know, like SSH or web browsers telling you the key has changed)
I don’t think that browsers do that. There is HSTS but I think that it only checks if the connection is using TLS.