|
|
|
|
|
|
by SpaethCo
2888 days ago
|
|
|
Proxying the authentication isn't really an "advanced" attack. In a 19 minute video[0] the author of CredSniper[1] gives a complete walk-through for setting up his proof of concept tool, including building the login pages and registering for LetsEncrypt SSL certs. The hardest part still remains choosing the domain name and getting people to click the link, and still people find ways to overcome those hurdles. As TOTP use has increased, the basic phishing toolkit has evolved to match. Attackers want accounts, not passwords, so they're just adjusting to get working sessions. The passwords were only ever just a means to an end. [0] https://www.youtube.com/watch?v=TeSt9nEpWTs
[1] https://github.com/ustayready/CredSniper |
|
|