Malicious PAC


Malicious PAC are Attacks where an Attacker is able to Force the browser or User-agent to use a Malicious Proxy Auto-Config file.

The typical Scenario is a Public Wi-Fi (cafe, hotel, airport, …) where the Attacker uses:

  • DHCP spoofing/hijacking, sending out DHCP option code for WPAD (252)
  • DNS spoofing/hijacking, responding for /^wpad/ (WPAD) queries

Browser or User-agent then exposes the (https://) URLs to the PAC function

  • FindProxyForURL(url, host)
  • This is not an attack on TLS/SSL, TLS/SSL versions/features/configurations CAN NOT block it.

More Information#

There might be more information for this subject on one of the following: