Skip to content

gabrielg/CVE-2014-1266-poc

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
http_server.go
http_server.go
 
 
main.go
main.go
 
 
screenshot.png
screenshot.png
 
 

Repository files navigation

OS X/iOS SSL Flaw POC

Overview

This repository contains some Go code that demonstrates the recently discovered SSL verification vulnerability in iOS and OS X.

Usage

$ git clone https://github.com/gabrielg/CVE-2014-1266-poc.git
$ cd CVE-2014-1266-poc
$ go build main.go
$ ./main

# In another terminal
$ cd CVE-2014-1266-poc
$ go run http_server.go

Then set the proxy on a vulnerable machine to point at port 8080 on the machine running the proxy server. HTTPS requests will be intercepted and redirected to the HTTP server listening on the UNIX domain socket that the proxy makes connections to.

screenshot

Pass the time with some reading over at gironda.org.

About

Apple OS X/iOS SSL flaw demonstration

Resources

Readme
Activity

Stars

79 stars

Watchers

9 watching

Forks

14 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages