Hackers Can Intercept HTTPS URLs via Proxy Attacks


SecurityWeek - July 29, 2016



Researchers have demonstrated how a design flaw affecting most operating systems and web browsers can be exploited to exfiltrate HTTPS URLs and conduct various types of malicious activities.

The attack relies on proxy auto-config (PAC) files, which specify how web browsers and other user agents handle HTTP, HTTPS and FTP traffic. PAC files use a JavaScript function named FindProxyForURL to determine whether URLs are fetched directly or through a proxy server.

Related Posts