While encryption may be a little more secure and would prevent this particular attack, all a malicious user would have to do is fire up Ettercap and do ARP poisoning on their target computer and then generate a fake SSL certificate and if the user accepts they can de-crypt all traffic.
Why do you guys live on the smart thinking of others? I wrote this kinda tool myself a few years ago, and even better, it's crossplatform instead of your 1337 windows. It's a said thing that people like you make money of the back of others. Does it make you proud that your a CISSP? I've seen a dozen CISSP that aren't capable of even writing one stupid little "hello world" script.
Yes, the point is that the attacker can see the victim's login credentials. Any web site the victim logs into can work for the attacker, UNLESS the victim has configured the site to encrypt sessions.
Thankyou for teaching me this :|
HeadShot360IN 11 months ago
sarah is beautiful!
MrCluttermania 11 months ago
Will it work with online flash games? I want to steal people's accounts.
megaKstudios 1 year ago
so basicly the only way the hacker can get to my g mail then he has to be logged on to my network, hence not possible
FusionNinjin 1 year ago
Gotta admit though, for how potentially dangerous this attack can be it is fucking easy
darkphaux 2 years ago
Easy to understand.. Cool~! but it make me sad about can not trust world.. Hmm.. Bye..
taeyoungchoon 2 years ago
Knew it. Just another whitehat buzzword for an old technique.
Jesus Christ whitehats.
lolzk0 2 years ago
While encryption may be a little more secure and would prevent this particular attack, all a malicious user would have to do is fire up Ettercap and do ARP poisoning on their target computer and then generate a fake SSL certificate and if the user accepts they can de-crypt all traffic.
Great video though, 5 stars!
ZepplinProgramming 2 years ago
@ZepplinProgramming The only hard part i that is getting them to accept the fake certificate. Worked on my sister though :)
legomaniac150 1 year ago
holy-terrorist:> *=* hahaha im new sidejacker *=*
Agentoxedo07 3 years ago 2
does it work with modem ?
CrackerSplit 3 years ago
i am a grey hat!
drfreezepop 3 years ago
Why do you guys live on the smart thinking of others? I wrote this kinda tool myself a few years ago, and even better, it's crossplatform instead of your 1337 windows. It's a said thing that people like you make money of the back of others. Does it make you proud that your a CISSP? I've seen a dozen CISSP that aren't capable of even writing one stupid little "hello world" script.
heaveninflames 3 years ago
that was beautiful,lol
BlackHaxor 3 years ago
thanks!!!
great job
koenjac 3 years ago
How to encrypt myspace??
khuzairy200 3 years ago
hello greetings
How can we prevent this kind of situations on a edge ?
thanks
prezjunt 4 years ago
Comment removed
HMROD 4 years ago
what wireless card or adapter are you using?
Are you using airpcap, or simply winpcap?
rfcapinto 4 years ago
thanks man hahaha
thematrixhasyou90 4 years ago 2
Thank you for the information.
cacgs 4 years ago
Can this also be done against other mail clients such as Yahoo?
steadysnper 4 years ago
Yes, the point is that the attacker can see the victim's login credentials. Any web site the victim logs into can work for the attacker, UNLESS the victim has configured the site to encrypt sessions.
LiveSecurity 4 years ago
omg that is bad!
pclover 4 years ago
Wow, This is tight. I am messing around with this. xD
ExPl0iT3 4 years ago
lol @ ExPl0iT3
BigFatButt 4 years ago
lol yeah. I have messed with this before..But this vid gives better details. xD
ExPl0iT3 4 years ago