Injecting Certificates?

Tonight I’m messing around with post/windows/manage/inject_ca. Specifically trying to get it to work.  Seems like a handy little item to have for SSL based MITM attacks.  Create a root CA, use an exploit to add it to the root of a target, then lay low and wait for web logins.  Doubly useful for those HSTS secured sites…

I didn’t realize that certificates are just stored as binary blobs in the registry. Neat.

Also, XP SP3 just straight up doesn’t understand SHA512. At all. I had to apply a hotfix to get it up and running.


Leave a Reply

Your email address will not be published. Required fields are marked *