Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
dollar2018-09-04 22:53:34
Domain Name System
dollar, 2018-09-04 22:53:34

Is it possible to intercept passwords over HTTPS?

Suppose I specified a third-party (left) DNS. He can replace the real ip with his own. Question - can passwords be intercepted if the site works via HTTPS?
A more general question - can the left host spoof the entire site when connected via HTTPS?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
X
xmoonlight, 2018-09-04
@xmoonlight

In short: Possibly.
Encrypt your traffic with your protocol inside SSL.

Report
C
CityCat4, 2018-09-05
@CityCat4

Maybe.
Not easy, requires some preliminary steps, but possible. If you intercept the session key, then the session can be decrypted. And then all the traffic inside the tunnel is visible.

Similar questions
V
Valery Albertovich Zhmyshenko2020-04-25 00:42:31
How to create a local DNS server on an OpenWrt router? 0Reply
J
JimJack2021-06-23 00:25:58
DNS for three local domains - how? 3Reply
V
Valery Albertovich Zhmyshenko2020-04-25 19:00:33
How to track which domains an application uses? 0Reply
W
wufapexef2018-02-22 23:46:28
Raised OpenVPN, but DNS is still on - why, how to fix it? 1Reply
H
haa2015-10-22 14:22:49
How to add a virtual machine to a windows domain? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question