Full Disclosure mailing list archives

Re: GoAgent vulnerabilities: CA cert with known private key, TLS MITM

From: Dave Howe <davehowe.pentesting () gmail com>
Date: Fri, 06 Jun 2014 13:03:45 +0100

On 02/06/2014 21:13, David Fifield wrote:

There is an HTML version of this document with screenshots at
https://www.bamsoftware.com/sec/goagent-advisory.html.

  * GoAgent installs a root CA certificate with a known private key
      * Test page
      * Mitigation
      * How to remove the GoAgent certificate

Yeah, seen this in the past with a bunch of similar spoofing proxy
solutions. Webscarab for example.
Solution is usually the same - replace the key material with your own.

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Current thread:

GoAgent vulnerabilities: CA cert with known private key, TLS MITM David Fifield (Jun 03)
- Re: GoAgent vulnerabilities: CA cert with known private key, TLS MITM Dave Howe (Jun 08)