![]() Since this is changing the server cert that the client app sees the client app might just reject the connection (certificate pinning, hard-pins). You cannot decrypt the messages unless you control either the server (privkey for RSA auth suites, server app or program memory) or client (app or memory) (well, or both negotiate weak ciphers but thats a different topic)Įasiest way but most invasive and easy to spot for both server and client: ssl/tls man-in-the-middle with fake certs.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |