by iso1631 2334 days ago
Block outgoing connections on port 443. MITM anything on port 80 which forwards to the server on port 443.

Your browser then loads www.whatever.com as http, even if the server doesn't allow http.

HSTS means if you've been to www.whatever.com before you'll be blocked. If you've never been before that doesn't help though.

In that fashion, typing www.mybank.com could redirect you to http://www.mybank.com (mitm) then to https://www.mybank.com-login.com/, where you get a green padlock.
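The HSTS behaviour the comment describes, as an added example that is not part of the original post: a simplified model of a browser's HSTS store following RFC 6797, showing that a first visit is not upgraded, a return visit is, and the policy for www.mybank.com does not cover the lookalike host. `parseSts`, `HstsStore` and `demo` are hypothetical names, and the timestamps are constructed.

```javascript
// Simplified model of a browser's HSTS store (RFC 6797); not a real browser API.
function parseSts(value) {
  const directives = value.split(";").map((d) => d.trim().toLowerCase());
  const maxAge = directives.map((d) => /^max-age="?(\d+)"?$/.exec(d)).find(Boolean);
  if (!maxAge) return null; // max-age is mandatory; a header without it is ignored
  return { maxAge: Number(maxAge[1]), includeSubDomains: directives.includes("includesubdomains") };
}

class HstsStore {
  constructor() { this.hosts = new Map(); }

  // Record a policy seen on a response. `now` is in seconds.
  noteResponse(url, stsHeader, now) {
    const { protocol, hostname } = new URL(url);
    if (protocol !== "https:") return; // a header received over plain HTTP is ignored
    const policy = parseSts(stsHeader);
    if (!policy) return;
    if (policy.maxAge === 0) { this.hosts.delete(hostname); return; }
    this.hosts.set(hostname, { expires: now + policy.maxAge, includeSubDomains: policy.includeSubDomains });
  }

  // True if a request to `host` must be rewritten to https before it is sent.
  shouldUpgrade(host, now) {
    const labels = host.toLowerCase().split(".");
    for (let i = 0; i < labels.length; i++) {
      const entry = this.hosts.get(labels.slice(i).join("."));
      if (!entry || entry.expires <= now) continue;
      if (i === 0 || entry.includeSubDomains) return true; // exact host, or covered parent
    }
    return false;
  }
}

// Constructed walk-through using the hostnames from the comment.
function demo() {
  const store = new HstsStore();
  const t0 = 1000;
  const firstVisit = store.shouldUpgrade("www.mybank.com", t0); // nothing stored yet
  store.noteResponse("https://www.mybank.com/", "max-age=31536000; includeSubDomains", t0);
  return {
    firstVisit,
    returnVisit: store.shouldUpgrade("www.mybank.com", t0 + 60),
    lookalike: store.shouldUpgrade("www.mybank.com-login.com", t0 + 60),
    afterExpiry: store.shouldUpgrade("www.mybank.com", t0 + 31536000),
  };
}
```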