by Spivak
1158 days ago
This doesn't work unless the attacker happens to be in between your servers and the cert authority. The ISP that's in between your laptop and the site can't pull this trick. Also, LE actually knows this attack is possible and mitigates it by validating the challenge from multiple sources, so the attacker would need to be in the middle of all the LE validators and your servers. https://portswigger.net/daily-swig/lets-encrypt-deploys-new-...

You might have access through editing a proxy rewrite rule, for example.
In the attack above you use your own SSL provider for a cert (LE not involved) and you overwrite the cert in a sense that existed before. You choose a provider that just validates with a file location. It's an attack which already requires compromise.