General discussion
-
Topic
-
Middler Hacking Tool: Be afraid, very afraid…..
LockedThe text below shamelessly cut and pasted from http://www.darkreading.com:
“October 6, 2008 – A researcher will demonstrate a free, plug-and-play hacking tool this week that automatically generates man-in-the middle attacks on online banking, Gmail, Facebook , LiveJournal, and LinkedIn sessions — even though they secure the login process.
Jay Beale, who recently released the so-called ?Middler? open-source tool, will show it off at the SecTor conference in Toronto. Aside from the unnerving capability of hacking into sites that perform secure logins and then use clear-text HTTP, Middler is also designed for use by an attacker with no Web-hacking skills or experience.
Beale?s tool can override a secure banking session by rewriting the URLs on the page to remove the Secure Sockets Layer (SSL) protection.”
>>> Scary Stuff! Just when you thought your web access was secure…..
Link to full article here:
http://www.darkreading.com/document.asp?doc_id=165303