proof of concept squid injecting js even with pinned ca

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

proof of concept squid injecting js even with pinned ca

stern0m1
Hi,
I am new to squid, please pardon me if this has already been discussed.

Is there a proof of concept somewhere to successfully use squid as a
transparent proxy for  a mitm attack to inject js for sites/applications
with pinned a pinned certificate?

Thanks




--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: proof of concept squid injecting js even with pinned ca

Amos Jeffries
Administrator
On 28/09/17 06:46, stern0m1 wrote:
> Hi,
> I am new to squid, please pardon me if this has already been discussed.
>
> Is there a proof of concept somewhere to successfully use squid as a
> transparent proxy for  a mitm attack to inject js for sites/applications
> with pinned a pinned certificate?

No, MITM is not possible for those. That is the point of pinning.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users