|
|
#1
12-19-2022, 15:35
|
|||
|
|||
SSL Hostname verify
Hi everyone,
I do have the following issue, hope someone can point me to the right direction. Software I am looking at does send post requests to a server over https. The software does have hostname verify set, so it verifys the hostname given in the certificate. I am trying to build my own server and later on redirect the request to my own address. For that I would like to use DNS spoofing. Is it possible to have the same hostname within my closed network as what is set in the certificate? Is there any other way on circumventing the Hostname verification? I can not patch the binary to disable hostname verify. Hope there is a way. -e 
|
|
#2
12-19-2022, 20:11
|
|||
|
|||
|
Have you give it a try to self-signed certificate?
you could use another Root CA to sign the 1st one you could mimic all the attributes used in original one... but of course SW might be smart enough to understand that it works with fake cert..
|
 |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
