TLS is necessary for security, but it's not sufficient. But! Someone in control of your router can do a lot of bad stuff, classically they would intercept an unauthenticated download of an executable, for example a software update, and replace it with a backdoored one, and then when they have their code running on your computer with the permissions of that software, probably with access to all your user's files, they will continue the attack and TLS won't matter. If TLS doesn't protect you from that, TLS has no reason to exist and web browsers like Chrome have no reason to behave any differently between http and https sites. The whole reason TLS exists is to protect you from someone who controls your router, classically in an internet cafe. The reason why Im asking this is because my router was hacked, I was reading some things and I want to know what is possible to have happened. How can one get this key? Is decryption of https possible without this key? is Key log file using per-session secrets enough for decryption? Since the attacker controls your router, Can he do the same thing, instruct your device(computer,smartphone) to write this down somewhere so he can use it for decryption of https? Can the attacker get it If he controls your device/is able to see the contents from your device via virus, malware ?ĭoes the attacker need both Key log file using per-session secrets and RSA private key to decrypt https or is only one of these needed?įrom what I know the RSA private key cannot be acquired from the site you connect to nor from the victim. On the site of Wireshark it says that there are 2 methods : Key log file using per-session secrets and Decryption using an RSA private key.Ĭan the attacker get your "Key log file using per-session secrets" remotely? I know that if you are doing this, you can instruct your computer to write the "key log file using per-session secrets" down somewhere and from there you log it to Wireshark. Does Wireshark(packet sniffers in general) let you decrypt someone else's https sites, or only your own? For example if the router is hacked can a packet sniffer give the attacker the ability to decrypt every https site you visit from each device connected to the router?
0 Comments
Leave a Reply. |