Y
Hacker News
new
|
ask
|
show
|
jobs
by
hiatus
640 days ago
Good thing you can still see the domain over the network if you control the network.
1 comments
lukevp
640 days ago
You can’t control anything if they do DNS over HTTPS to a hardcoded IP they control and cert pin so you can’t MITM the connection, can you?
link
userbinator
640 days ago
That's what a firewall is for.
link
Wingy
640 days ago
If the pinned cert is stored on some kind of ROM chip you could probably rewrite it to replace it with your own cert.
link
hiatus
640 days ago
You can at the very least block traffic to the hardcoded IP.
link
pkulak
630 days ago
Sure, but then DNS breaks on the device and it's useless. Might as well just hit it with a hammer.
link