![]() The user’s browser examines the attacker’s web certificate sent by SSLSniff, believes the attacker is the legitimate site and begins sending data, such as log-in information, credit card and banking details or any other data through the attacker to the legitimate site. ![]() ![]() SSLStrip sniffs traffic going to secure websites that have an https URL in order to conduct a man-in-the-middle attack and take the traffic to an attacker's fake site instead. Both tools are used to trick browsers into visiting bogus sites, such as fake PayPal or banking sites, using a bogus certificate.
0 Comments
Leave a Reply. |