HTTPS
跳至導覽
跳至搜尋
{{#tree:
- Introduction
- Misc
- Crypto
- Web
- Assembly
- Executable
- Reverse
- Pwn
- Android
- ICS
- Blockchain
}}
HTTPS[編輯]
HTTPs = HTTP + SSL / TLS.服務端和客戶端的信息傳輸都會通過TLS進行加密,所以傳輸的數據都是加密後的數據
例題[編輯]
題目:hack-dat-kiwi-ctf-2015:ssl-sniff-2
打開流量包發現是 SSL 加密過的數據,導入題目提供的server.key.insecure,即可解密
GET /key.html HTTP/1.1
Host: localhost
HTTP/1.1 200 OK
Date: Fri, 20 Nov 2015 14:16:24 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 20 Nov 2015 14:15:54 GMT
ETag: "1c-524f98378d4e1"
Accept-Ranges: bytes
Content-Length: 28
Content-Type: text/html
The key is 39u7v25n1jxkl123