Difference between revisions of "File:TL-WR902ACLogin Wireshark MitM Auth Cookie.png"

From Embedded Lab Vienna for IoT & Security
Jump to: navigation, search
(This Authorization Cookie is transferred with every interaction on the TL-WR902AC with the server. Since the website does not offer a secure connection via HTTPS, it is very easy to intercept it by a MitM attack and finally decode Base64. This gives ac...)
 
(No difference)

Latest revision as of 00:39, 1 July 2020

Summary

This Authorization Cookie is transferred with every interaction on the TL-WR902AC with the server. Since the website does not offer a secure connection via HTTPS, it is very easy to intercept it by a MitM attack and finally decode Base64. This gives access to FTP, SSH, SAMBA and HTTP services due to the shared login. However, this requires a user who is currently active in the web interface. It should be noted that some web pages like the index page additionally reload the web page content (/main/status.html?_=$TIMESTAMP) every 20 seconds and thus retransmit the cookie.

File history

Click on a date/time to view the file as it appeared at that time.

Date/TimeThumbnailDimensionsUserComment
current00:39, 1 July 2020Thumbnail for version as of 00:39, 1 July 20202,976 × 2,314 (1.22 MB)JPDoe (talk | contribs)This Authorization Cookie is transferred with every interaction on the TL-WR902AC with the server. Since the website does not offer a secure connection via HTTPS, it is very easy to intercept it by a MitM attack and finally decode Base64. This gives ac...
  • You cannot overwrite this file.

The following page links to this file:

Metadata