Mitm Attack on WebRtc

Problem description

I have a problem. I've developed a web-app using WebRTC for one-to-one video calls via browser, using WebRTC with a signalling server on Node.js (listening e.g. on port 8181).

Now I would implement a MITM attack. I was thinking that Peer_1 should invoke two RTC peer connections, one for the second peer (Peer_2), one to the MITM. The same thing for the second peer.

Now, I was thinking that the signalling server needs to listen on another port for each RTC peer connection received from the two peers (e.g. 8282 for Peer_1 and 8383 for Peer_2).

Am I right? I think that because the signalling server's implementation is for one-to-one communication.

In this way, the signalling server on port 8181 allows end-to-end communication for Peer_1 and Peer_2, on 8282 there is the signalling path for Peer_1 and the MITM, and on 8383 for the MITM and Peer_2.

Am I right or not? Thanks for the support.

Solution

Man in the middle refers to interception during transmission, which WebRTC itself is secured against using DTLS and key exchange, so the weak point is usually the signaling server chosen by an application instead.

But what you describe however sounds like Man on both ends. You have to trust the service (the server) to guarantee whom you're being connected to. If that server is compromised, or either client is compromised - say by injection - then there's no guarantee whom you're talking to, since a client can easily forward a transmission to another party.
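
An added example, not part of the original answer: the DTLS handshake is authenticated only by the certificate fingerprint carried in the SDP (`a=fingerprint`), and that SDP travels through the signalling server, so a client can refuse a remote description whose fingerprint differs from one the two users confirmed over a separate channel. The function names, the sample SDP and the existence of such an out-of-band channel are assumptions.

```javascript
// Added example: all names and sample data below are constructed for illustration.

// Collect every DTLS certificate fingerprint (session- or media-level) in an SDP blob.
function extractFingerprints(sdp) {
  const found = new Set();
  for (const line of sdp.split(/\r?\n/)) {
    const m = /^a=fingerprint:(\S+)\s+([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2})+)\s*$/.exec(line);
    if (m) found.add(`${m[1].toLowerCase()} ${m[2].toUpperCase()}`);
  }
  return [...found];
}

// Compare the SDP delivered by the signalling server with the fingerprint the
// remote user confirmed over a channel the signalling server does not control.
// Strict policy (assumption): a single hash algorithm is in use, so any
// fingerprint other than the verified one is treated as foreign.
function checkRemoteSdp(remoteSdp, verifiedFingerprint) {
  const seen = extractFingerprints(remoteSdp);
  if (seen.length === 0) return { ok: false, reason: 'no fingerprint in SDP' };
  const [alg, hex] = verifiedFingerprint.trim().split(/\s+/);
  const expected = `${alg.toLowerCase()} ${hex.toUpperCase()}`;
  const foreign = seen.filter((fp) => fp !== expected);
  return foreign.length === 0
    ? { ok: true, reason: 'fingerprint matches verified value' }
    : { ok: false, reason: 'fingerprint mismatch', foreign };
}

// Constructed sample data: two dummy sha-256 fingerprints and a minimal SDP.
const FP_PEER2 = 'sha-256 ' + Array(32).fill('AB').join(':');
const FP_OTHER = 'sha-256 ' + Array(32).fill('CD').join(':');
function sampleSdp(fp) {
  return [
    'v=0',
    'o=- 1 2 IN IP4 127.0.0.1',
    's=-',
    't=0 0',
    'm=video 9 UDP/TLS/RTP/SAVPF 96',
    `a=fingerprint:${fp}`,
    'a=setup:actpass',
  ].join('\r\n') + '\r\n';
}

// In a browser this check would run on the received offer/answer before it is
// passed to RTCPeerConnection.setRemoteDescription().
console.log(checkRemoteSdp(sampleSdp(FP_PEER2), FP_PEER2)); // accepted
console.log(checkRemoteSdp(sampleSdp(FP_OTHER), FP_PEER2)); // rejected: mismatch
```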
