Hacker News
by eh78ssxv2f 2226 days ago
> If so, then they fire up Nginx and serve poisoned PDFs to anyone who connects to it.

Even if the attacker redirects the traffic, it still needs to serve the HTTPS/SSL certificates. How will the attacker do that?

2 comments

I believe Let's Encrypt will issue you a certificate for that subdomain if you can control the server responding at that subdomain.

EDIT:

Specifically: https://letsencrypt.org/docs/challenge-types/

It won't give you a wildcard certificate, but you don't need one for the type of attack we're talking about.
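
As an added illustration of the point made above (this is example code written for this page, not Let's Encrypt's software or anything the commenter posted), the following simulates the HTTP-01 challenge the linked page describes: the CA resolves the name, fetches `/.well-known/acme-challenge/<token>` from whatever host answers, and compares the body to the key authorization derived from the requesting ACME account key. The DNS table, the server map, the account JWK and the token are all constructed placeholders so the script runs offline; the thumbprint computation follows RFC 7638.

```python
"""Simulated ACME HTTP-01 validation (added example, not Let's Encrypt's code).

DNS_TABLE and SERVERS below are constructed stand-ins for the CA's resolver
and for the HTTP servers it would contact, so everything runs offline.
"""
import base64
import hashlib
import json

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"


def b64url(data: bytes) -> str:
    """Base64url without padding, the encoding ACME uses throughout."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint: SHA-256 over the required public members only,
    serialised as lexically sorted JSON with no whitespace."""
    required = {"RSA": ("e", "kty", "n"), "EC": ("crv", "kty", "x", "y")}[jwk["kty"]]
    canonical = json.dumps({k: jwk[k] for k in required},
                           sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("ascii")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """What the challenge file must contain: <token>.<thumbprint of account key>."""
    return f"{token}.{jwk_thumbprint(account_jwk)}"


def http01_validate(domain: str, token: str, account_jwk: dict,
                    dns_table: dict, servers: dict) -> bool:
    """The CA's side of HTTP-01. It resolves the name, fetches the token path
    from whatever answers at that address, and compares the body with the key
    authorization of the account that requested the certificate. Nothing here
    asks who registered the domain or who ran the host last week: control of
    the answering server is the whole proof."""
    ip = dns_table.get(domain)
    if ip is None:
        return False
    body = servers.get(ip, {}).get(CHALLENGE_PREFIX + token)
    if body is None:
        return False
    return body.decode("ascii", "replace").strip() == key_authorization(token, account_jwk)


# Constructed placeholder account keys (not real RSA moduli; only the
# thumbprint computation touches them).
ATTACKER_JWK = {"kty": "RSA", "e": "AQAB", "n": b64url(b"constructed-attacker-modulus")}
OTHER_JWK = {"kty": "RSA", "e": "AQAB", "n": b64url(b"constructed-other-modulus")}
TOKEN = "evaGxfADs6pSRb2LAv9IZf17Dt3juxGJ-PCt92wr-oA"  # constructed token

LEGIT_IP, ATTACKER_IP = "203.0.113.10", "198.51.100.77"  # documentation addresses


def run_scenario():
    """Returns (before_hijack, after_hijack, wrong_account) validation results."""
    # The attacker publishes the key authorization on a host they control.
    servers = {
        LEGIT_IP: {"/logo.png": b"\x89PNG...constructed..."},
        ATTACKER_IP: {CHALLENGE_PREFIX + TOKEN:
                      key_authorization(TOKEN, ATTACKER_JWK).encode("ascii")},
    }
    # 1. The name still points at the real host: the CA fetches from it,
    #    finds nothing at the challenge path, and refuses to issue.
    dns = {"files.example.com": LEGIT_IP}
    before = http01_validate("files.example.com", TOKEN, ATTACKER_JWK, dns, servers)
    # 2. The attacker now answers for that name (the thread's premise: traffic
    #    for the subdomain reaches a host they run). Same account, same token,
    #    and issuance succeeds.
    dns["files.example.com"] = ATTACKER_IP
    after = http01_validate("files.example.com", TOKEN, ATTACKER_JWK, dns, servers)
    # 3. The file is bound to the account key: a different account presenting
    #    the same token does not pass, even against the attacker's host.
    wrong_account = http01_validate("files.example.com", TOKEN, OTHER_JWK, dns, servers)
    return before, after, wrong_account


if __name__ == "__main__":
    print(run_scenario())
```

The scenario returns `(False, True, False)`: validation fails while the legitimate host still answers, passes once the attacker's host answers for the name, and fails for an account whose key did not produce the published file. That last case is why the file contents are tied to the ACME account key rather than being a bare token.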

Well, hopefully they use certificate pinning. And if not, they should do certificate transparency like Chrome does.

Maybe it does? It could be serving plaintext HTTP ("why would we encrypt our logo.png file?"), or the client library could be configured to accept any valid SSL cert because they don't want to deploy good certs to every ephemeral host they spin up.

There are a lot of ways this could go wrong.

Agreed. In my mind, if the server is using plain HTTP, and the attacker has control over parts of the network, then plain-old DNS is not the only attack model. The attacker does not need to hack DNS, they can just manipulate the content on the wire.