This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Malicious PAC
Malicious PAC

Version management

Difference between version and

At line 1 added 14 lines
!!! Overview
[{$pagename}] are [Attacks] where an [Attacker] is able to Force the [browser] or [User-agent] to use a [Malicious] [Proxy Auto-Config] file.
The typical Scenario is a [Public Wi-Fi] (cafe, hotel, airport, …) where the [Attacker] uses:
* [DHCP] spoofing/hijacking, sending out [DHCP] option code for [WPAD] (252)
* [DNS] spoofing/hijacking, responding for /^wpad/ ([WPAD]) queries
[Browser] or [User-agent] then exposes the (https://) [URLs] to the [PAC] function
* FindProxyForURL(url, host)
* This is not an [attack] on [TLS]/[SSL], [TLS]/[SSL] versions/features/configurations __CAN NOT block it__.!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Sniffing HTTPS URLS with malicious PAC files|https://www.contextis.com/blog/leaking-https-urls-20-year-old-vulnerability|target='_blank'] - based on information obtained 2018-05-23-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop