• kahdbrixk@feddit.de
    link
    fedilink
    arrow-up
    16
    ·
    5 months ago

    That kind of ssl interception would normally be quite visible without your client device having the pineapples cert in your devices trust store, or am I wrong?

    • beveradb@lemm.ee
      link
      fedilink
      arrow-up
      8
      ·
      edit-2
      5 months ago

      I’m sure a lot has changed in 10 years ago so this won’t be relevant today, but back when I was last playing with this, sslstrip was the tool I was using on the pineapple to enable SSL mitm attacks - https://github.com/moxie0/sslstrip

      I’d imagine there are new techniques to counteract new defenses - this stuff is always cat & mouse