I was wondering to myself: if I can generate certificates and bump the
connection, I can use a 302/308 to redirect all traffic from https to an
http (interceptable) connection.

Then on the http interceptor rewrite the request into https.

I have a working setup which uses a redirection "attack" to authenticate
users over http+https.

Now the issue is that if all browsers will deny a redirection from https to
http (a downgrading attack) then the http world would look a bit weird.


I was thinking about such a downgrade attack on a couple of sites but I am unsure
how good it will be.

I saw a couple of years ago that some ISPs used a redirection attack when
YouTube used plain http; this was in order to allow a "pre-fetch" of a tiny
GET request.

Now since many others upgraded their security, it's another story.

And as an addition, I have seen that Microsoft uses an "FTP"-like transfer
protocol in their software.

They have a "secured" control channel which has certificate pinning or
something else as a safeguard,
and in more than one case they use another channel to fetch the request over
plain HTTP (when a proxy is defined).

 

Would it be reasonable to write and publish such a tool? Or is it a security
risk to publish such a tool to the public?

 

Eliezer

 

----

Eliezer Croitoru <http://ngtech.co.il/lmgtfy/> 
Linux System Administrator
Mobile: +972-5-28704261
Email: elie...@ngtech.co.il



 

_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
