Skip to content
master
Switch branches/tags
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 

README.md

OS X/iOS SSL Flaw POC

Overview

This repository contains some Go code that demonstrates the recently discovered SSL verification vulnerability in iOS and OS X.

Usage

$ git clone https://github.com/gabrielg/CVE-2014-1266-poc.git
$ cd CVE-2014-1266-poc
$ go build main.go
$ ./main

# In another terminal
$ cd CVE-2014-1266-poc
$ go run http_server.go

Then set the proxy on a vulnerable machine to point at port 8080 on the machine running the proxy server. HTTPS requests will be intercepted and redirected to the HTTP server listening on the UNIX domain socket that the proxy makes connections to.

screenshot


Pass the time with some reading over at gironda.org.

About

Apple OS X/iOS SSL flaw demonstration

Resources

Releases

No releases published

Packages

No packages published

Languages