CVE-2014-1266

Bookmarked!

This exercise covers how to intercept an HTTPs connection

PRO Hard 1-2 Hrs. 1078 Intercept Badge

Course

This course covers how to perform a Person-in-the-Middle attack against a client performing an HTTP connection over TLS, specifically exploiting the CVE-2014-1266 vulnerability in the iOS and OSX TLS stack. The challenge involves setting up a DNS server and a malicious TLS server to intercept and decrypt the client's communication by exploiting a flaw in the TLS handshake process.

Skills covered

Secure Communications Cryptography Network

Included with PRO

Full course content 2 videos

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account