G
G
Geoler2017-10-11 19:58:58
WiFi
Geoler, 2017-10-11 19:58:58

How to intercept the https traffic of the connected device from the phone?

Erm, well, here's the deal. I don’t understand this almost completely, so sorry for the crazy suggestions. It became interesting about the interception of https traffic. No, I don't want to intercept information to mock someone, just for sport. Let's say the target is a classmate's phone. At first I tried to intercept the information I needed with the help of programs for the phone droidsheep, zanti, etc., then after reading, I realized that https traffic cannot be intercepted by them in general. After reading more, it turned out that you can intercept the information, but you need to take a classmate's phone, install a certificate on it, add a proxy, it's rather dreary, and not rational, no, I'm not too lazy, it's just a different goal, then I decided to just go to the site from the phone with insecure connection, bam, and the site does not support it. As a result, the only solution I see is traffic interception, when I distribute to a friend from mobile internet. Like the data goes through my phone. And then I hit the wall. Firstly, I don’t know if this is possible in theory, but even more so in practice. If possible, then how, if not, then maybe there are other ways out.

Answer the question

In order to leave comments, you need to log in

2 answer(s)
1
15432, 2017-10-11
@Geoler

HTTPS was designed specifically to prevent interception of data. As you rightly noted, decryption requires a trusted proxy, to which the device will not connect without a certificate installed. In general, you can find out which site the request is made to. Using the Diffie-Hellman algorithm to generate a shared key for traffic encryption makes it impossible to decrypt the data stream.
Independent attempts to intercept HTTPS did not lead to anything, either the client discovered that it was connecting to the wrong site at all (when establishing a connection, the client makes sure that the certificate is correct), or I received an encrypted data stream (which I only forwarded back and forth, not in able to decipher).
I'm probably missing something, because relatively recently, in the comments to a similar question, I was told that everything is perfectly intercepted and I didn’t understand something. It is noteworthy that now all the comments there are worn out, both his and mine (reptilians hide the secrets of HTTPS ??)

A
Alexey "Tsyn", 2017-10-25
@french314

Can. Of course you can.
Go to the nearest center related to quantum computers, get acquainted with a leading specialist in cryptography. Organize test work on the project))
And without supercomputers or quantum supercomputers, decoding can take millennia))

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question