Skip to content

gabrielg/CVE-2014-1266-poc

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

OS X/iOS SSL Flaw POC

Overview

This repository contains some Go code that demonstrates the recently discovered SSL verification vulnerability in iOS and OS X.

Usage

$ git clone https://github.com/gabrielg/CVE-2014-1266-poc.git
$ cd CVE-2014-1266-poc
$ go build main.go
$ ./main

# In another terminal
$ cd CVE-2014-1266-poc
$ go run http_server.go

Then set the proxy on a vulnerable machine to point at port 8080 on the machine running the proxy server. HTTPS requests will be intercepted and redirected to the HTTP server listening on the UNIX domain socket that the proxy makes connections to.

screenshot


Pass the time with some reading over at gironda.org.

About

Apple OS X/iOS SSL flaw demonstration

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages