WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

OT: Inserting Ads without breaking the SSL

From: "Saqib Ali" <docbook.xml () gmail com>
Date: Fri, 21 Apr 2006 11:03:11 -0700
This is a little bit off-topic. But I need to solve this mystery:

Recently a provider in Santa Clara, CA started to provide free Wifi
service. The only catch is that they insert Adds on the webpage see:
http://www.metrofi.com/advertisers.html (screenshot at the very bottom).

This does not require installation of any software. So seems to me
their proxy is somehow modifying the HTML webpage to add the Ads.

I would like to find out how this is done so that the intergrity of a
SSL enabled page is not lost.

Thanks

--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------

-------------------------------------------------------------------------
This List Sponsored by: SPI Dynamics

ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: