SSL stripping incident

Requirement
Download and install MITM proxy​
How to trigger incident
Step 1: Run the mitmdump on the testing PC
Step 2: Insert the IP address and the port number on the test device
Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to manual>Add the IP address and port number of the testing PC on the test device.
Wait for the test device to appear on the PC.
Step 3: Run the scripts
ssl-strip-bundel.rar
2KB
Binary
Step 4: Search on your device
Open a browser on the test device and search the SLL Stripping demo site. 
The 'https' links have been stripped down to 'http'. 
How to remediate the incident
Disable the proxy
Follow the steps below to disable the proxy on the test device.
Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to 'None'

Phishing site incident

Captive portal incident

Last modified 2yr ago