Wait. This is a DHCP exploit on steroids. The MITM stuff is just possible becaus... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

gmueckl on Feb 9, 2018 | parent | context | favorite | on: Chrome 68 will mark all HTTP sites as “not secure”

Wait. This is a DHCP exploit on steroids. The MITM stuff is just possible because operating systems accept bonkers DHCP replies.

Ajedi32 on Feb 9, 2018 [–]

Yeah, the DHCP trick is what allows this particular method of conducting MITM via USB.

All the stuff it does _after_ becoming a MITM though are things that any MITM could do, regardless of how they became a MITM in the first place. (ARP spoofing, operating or compromising a Wi-Fi access point, etc.)

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact