Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
dollar2018-09-04 22:53:34
Domain Name System
dollar, 2018-09-04 22:53:34

Is it possible to intercept passwords over HTTPS?

Suppose I specified a third-party (left) DNS. He can replace the real ip with his own. Question - can passwords be intercepted if the site works via HTTPS?
A more general question - can the left host spoof the entire site when connected via HTTPS?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
X
xmoonlight, 2018-09-04
@xmoonlight

In short: Possibly.
Encrypt your traffic with your protocol inside SSL.

Report
C
CityCat4, 2018-09-05
@CityCat4

Maybe.
Not easy, requires some preliminary steps, but possible. If you intercept the session key, then the session can be decrypted. And then all the traffic inside the tunnel is visible.

Similar questions
S
Stanislav2017-09-13 14:21:57
Setting up a tunnel on windows 7 embedded? 1Reply
D
Digsecman2021-04-22 11:42:14
How to configure Ansible to read DNS domain member names (WinServer 2019)? 1Reply
B
BIDutyk2021-04-25 12:35:13
Is it possible to block a domain from a mobile operator? And is there any way to bypass it? 4Reply
B
Beeshop872021-04-26 10:08:40
Lost domain. How to untie it from the old site? 1Reply
S
Shandy2021-05-02 17:58:09
How to make your domain in the local network? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question