This repository has been archived by the owner on Nov 20, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
A TLS demo of backdoored RSA key generation
License
mykter/tls-kleptography
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
TLS kleptography demo using ryancdotorg's rsabd.py (https://gist.github.com/ryancdotorg/9bd3873e488740f86ebb): 0. Setup: 4xVMs - Evil-CA (https://evil-ca.com). - Web server (https://victim-site.com) - User - CA root cert installed in browser - MITM - appropriate /etc/hosts entries for ca + victim domains in user and MITM machines - To bind to privileged ports without root: setcap 'cap_net_bind_service=+ep' /usr/bin/python3 1. generate public/private keypair for victim, email them link - Browse to https://evil-ca.com on server - ./ca.py victim-site.com 2. set up website - browse to webserver, download cert + privkey - save files in appropriate location - run ./serve.py victim-site.com.crt victim-site.com.key 3. set up fake website ./clone.py victim-site.com 4. MITM - arp poison / edit /etc/hosts 5. Browse to website again on user machine
About
A TLS demo of backdoored RSA key generation
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published