I'm trying to research and patch a TLS renegotiation exploit which makes a website vulnerable to Man-in-the-Middle attacks. However, I don't understand how the attack occurs exactly and feel like a simple working example would help.
How does an attacker append data to a client's request? Why doesn't the server receive it as two requests? Do both the attacker and victim need to be on the same network for this to occur?
Can someone provide a bare-minimum working example that demonstrates a Man-in-the-Middle exploit? Wget, curl, scripts, whatever.
Thanks for your help.
Best Answer
Since you specified TLS renegotiation, I assume you are referring to CVE-2009-3555. Proof of Concept code was published by RedTeam Pentesting and is available from their site: http://www.redteam-pentesting.de/en/publications/tls-renegotiation/-tls-renegotiation-vulnerability-proof-of-concept-code
Additionally, there are youtube videos demonstrating it's use.