Is it possible to intercept video for example a netflix stream in real time if you are connected to the same LAN? Is it possible to know when the target computer pauses and plays the video so you know so you know what's on their screen at any moment in time?
Asked
Active
Viewed 263 times
1 Answers
4
ARP spoofing only allows the redirection of traffic through your device. Netflix claims to have been using HTTPS secured video streams. This creates a secure connection between the user and Netflix of which ARP spoofing does nothing but simply redirect traffic through your machine on a LAN. It cannot decrypt the traffic, unless the traffic is WPA2 encrypted in which case you and all users on the LAN have the key, unless it is Enterprise. But decrypying the WPA2 still leaves HTTPS. HTTPS encrypts the HTTP data that goes by, thus you cannot see their actual video. Netflix stated they would add SSL back in April
It is possible however to use tools such as SSLStrip , or its variants to trick the user into not using SSL. If it is successful you CAN view their video. There are other sorts of SSL MiTM attacks such as SSL interception proxys, where you trick the user into installing your SSL certificate as a CA in which you can make them think any site is secure. Then you can view all HTTP traffic as you have the decryption keys. You can turn your ARP spoofing machine into an SSL interception proxy.
dylan7
- 747
- 1
- 9
- 18