868

I will burn your servers to the ground, foul villain (startrek.website)

submitted 1 year ago by [email protected] to c/[email protected]

55 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] [email protected] 7 points 1 year ago* (last edited 1 year ago)

The attack vector is as follows:

Evil.com phishes a user and asks for username and password for Good.com
Evil.com immediately relays those credentials to Good.com
Good.com asks Evil.com for TOTP
Evil.com asks victim for TOTP
Evil.com relays TOTP to Good.com and does a complete account takeover

The various physical dongles prevent this by using the asking domain as part of the hash. If you activated the dongle on Evil.com, it'll do nothing on Good.com (except hopefully alerting the SOC at Good.com about a compromised username and password pair).

this post was submitted on 23 Sep 2023

868 points (97.8% liked)

Memes

45243 readers

2023 users here now

Rules:

Be civil and nice.
Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago

MODERATORS

[email protected]