(mobeigi.com)

379 points mobeigi | 1 comments | 16 Oct 24 18:18 UTC | HN request time: 0s | source

Show context

precommunicator ◴[17 Oct 24 07:07 UTC] No.41867145[source]▶

>>41862028 (OP) #

> but the traffic itself was encrypted over HTTPS. This meant that even if one were to use a packet sniffing tool like Wireshark, you would not be able to find the raw token.

It's trivial to decrypt HTTPS with tools like Fiddler or Burp Suite, assuming this build in browser used system proxy and system certificates list.

replies(3): >>41867287 #>>41867468 #>>41868048 #

1. wobfan ◴[17 Oct 24 07:37 UTC] No.41867287[source]▶

>>41867145 #

It's also pretty easy to export the secret keys from Firefox and import it into Wireshark. Like, it's some clicks, and (depending on which TLS it uses) you gotta do it for every connection, but it's not too hard.

↑

We outsmarted CSGO cheaters with IdentityLogger