First of all I want to say that this question is not a duplicate.

What I want to know (and possibly get reasons) is if it's possible to edit SSL certificates.

In more depth, let's say I have a server on my computer where, when someone connects to it (and sends the HTTP request), the server gets the Host HTTP parameter (I should clarify that the client has a poisoned hosts file) and uses it to connect to the real server, so my server retrieves the certificate of the real server. Now if I edit the information of the certificate (like IP addresses) and then send this modified certificate to the client, the client should believe the certificate and thus show this green lock in the address bar.

I think this could happen if the hosts file is correctly poisoned and/or you set up a router-like device that will intercept the request to any external needed server (if any) and send false information.

What do you think?

Vbrawl
  • *"First of all I want to say that this question is not a duplicate."* - this question asks if a certificate can be modified once issued. There are several similar questions and the answers clearly say that it cannot be modified, not even a tiny bit -> marked as duplicate of these. If you still feel that your question is not a duplicate please make it clear how it differs from the existing ones and ask for reopen. – Steffen Ullrich Jul 19 '21 at 21:47
  • Also the certificates used for HTTPS server usually identify it by domain name(s) and almost never by IP address(es) (although IPaddr is _possible_; there are existing Qs on that) so your MitM would have no need at all to modify the cert -- but still fails for a completely different reason you didn't ask about (and there are even more existing Qs on that). – dave_thompson_085 Jul 19 '21 at 23:53
  • Your attack won't succeed. This is exactly the type of attack that SSL certificates were designed to prevent. If you change any information in the cert, this will break the signature on the certificate. Also, btw, certificates do not typically store IP addresses. – mti2935 Jul 19 '21 at 23:54
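
The point made in the comments above (changing any field breaks the issuer's signature), as an added example that is not part of the original thread. It uses a toy CA with textbook RSA in place of a real X.509 signature; the key, the field layout and all names (`ca_sign`, `client_verify`, `mitm_edit`, `shop.example`) are constructed for illustration.

```python
import hashlib

# Toy "CA" key built from two known Mersenne primes (constructed for this demo).
# Textbook RSA without padding: fine for showing the principle, never for real use.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # CA public key, shipped in the client's trust store
D = pow(E, -1, (P - 1) * (Q - 1))    # CA private exponent; an interceptor never holds this

# Constructed stand-in for the signed part of a certificate (the "to be signed" body).
TBS = b"subject=CN=shop.example;san=DNS:shop.example;pubkey=SERVER-KEY;issuer=Toy CA"


def digest(tbs: bytes) -> int:
    """Hash of the signed body, as an integer smaller than N."""
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big")


def ca_sign(tbs: bytes) -> int:
    """What the CA does once, at issuance, with its private key."""
    return pow(digest(tbs), D, N)


def client_verify(tbs: bytes, signature: int) -> bool:
    """What the client does on every connection, with the CA public key only."""
    return pow(signature, E, N) == digest(tbs)


def mitm_edit(tbs: bytes, old: bytes, new: bytes) -> bytes:
    """An in-path server rewriting one field; it can only reuse the old signature."""
    return tbs.replace(old, new)


if __name__ == "__main__":
    sig = ca_sign(TBS)
    edited = mitm_edit(TBS, b"DNS:shop.example", b"IP:203.0.113.7")
    print("original certificate verifies:", client_verify(TBS, sig))
    print("edited certificate verifies:  ", client_verify(edited, sig))
```
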
