Comment by arowthway

4 hours ago

If you're able to manipulate DNS, can't you just issue your own certificate for the domain? Even if it would be revoked moments later, mitmproxy doesn't check it even when ssl_insecure=false:

https://github.com/mitmproxy/mitmproxy/issues/2235

EDIT: Maybe I incorrectly assumed you meant authoritative DNS.

You got it, authoritative isn't necessary. It just needs to be your router, your ISP's resolver, or the one at your public library/coffee shop/hotel etc. I'd throw BGP route poisoning in there too, but then you have much bigger problems lol.

Like you pointed out in your original post, this would be expensive to run as a targeted attack, but it has good unit economics if you scale it up, wait, and then harvest.
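The thread hinges on a revocation check that the first comment says mitmproxy does not perform: after a leaf certificate is issued (here, by an attacker who controls the victim's resolver) and then revoked, a client only benefits from the revocation if it actually asks the CA's OCSP responder and validates the answer. The block below is an added example, not code from the thread or from mitmproxy, showing what that check consists of. It runs entirely offline with a throwaway CA, a leaf certificate for the hypothetical host www.example.test, a hypothetical responder URL http://ocsp.example.test, and responses signed locally in place of a real responder. It requires the cryptography package.

```python
"""Added example: the OCSP revocation check a TLS client needs before trusting a leaf.
All certificates, keys and responses are constructed here; no network access."""
import datetime

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509 import ocsp
from cryptography.x509.oid import AuthorityInformationAccessOID, NameOID

NOW = datetime.datetime.now(datetime.timezone.utc)
STATUS = {"good": ocsp.OCSPCertStatus.GOOD,
          "revoked": ocsp.OCSPCertStatus.REVOKED,
          "unknown": ocsp.OCSPCertStatus.UNKNOWN}


def make_ca(name="Example Test CA"):
    """Throwaway self-signed CA (constructed for this example only)."""
    key = ec.generate_private_key(ec.SECP256R1())
    subject = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, name)])
    cert = (x509.CertificateBuilder()
            .subject_name(subject).issuer_name(subject)
            .public_key(key.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(NOW - datetime.timedelta(days=1))
            .not_valid_after(NOW + datetime.timedelta(days=365))
            .add_extension(x509.BasicConstraints(ca=True, path_length=None), critical=True)
            .sign(key, hashes.SHA256()))
    return key, cert


def make_leaf(ca_key, ca_cert, hostname):
    """Leaf for a hypothetical hostname; the AIA extension carries a hypothetical OCSP URL."""
    key = ec.generate_private_key(ec.SECP256R1())
    aia = x509.AuthorityInformationAccess([x509.AccessDescription(
        AuthorityInformationAccessOID.OCSP,
        x509.UniformResourceIdentifier("http://ocsp.example.test"))])
    return (x509.CertificateBuilder()
            .subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, hostname)]))
            .issuer_name(ca_cert.subject)
            .public_key(key.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(NOW - datetime.timedelta(days=1))
            .not_valid_after(NOW + datetime.timedelta(days=90))
            .add_extension(x509.SubjectAlternativeName([x509.DNSName(hostname)]), critical=False)
            .add_extension(aia, critical=False)
            .sign(ca_key, hashes.SHA256()))


def ocsp_urls(cert):
    """Responder URLs the client should query; empty if the cert names none."""
    try:
        aia = cert.extensions.get_extension_for_class(x509.AuthorityInformationAccess).value
    except x509.ExtensionNotFound:
        return []
    return [d.access_location.value for d in aia
            if d.access_method == AuthorityInformationAccessOID.OCSP]


def build_request(leaf, issuer):
    """The OCSP request a client would POST to the responder (identifies leaf by serial + issuer hashes)."""
    return ocsp.OCSPRequestBuilder().add_certificate(leaf, issuer, hashes.SHA1()).build()


def fake_responder(signing_key, responder_cert, leaf, status):
    """Stand-in for a CA's OCSP responder: returns a DER response asserting `status` for `leaf`."""
    revoked = STATUS[status] == ocsp.OCSPCertStatus.REVOKED
    resp = (ocsp.OCSPResponseBuilder()
            .add_response(cert=leaf, issuer=responder_cert, algorithm=hashes.SHA1(),
                          cert_status=STATUS[status],
                          this_update=NOW, next_update=NOW + datetime.timedelta(hours=1),
                          revocation_time=NOW - datetime.timedelta(minutes=5) if revoked else None,
                          revocation_reason=x509.ReasonFlags.key_compromise if revoked else None)
            .responder_id(ocsp.OCSPResponderEncoding.HASH, responder_cert)
            .sign(signing_key, hashes.SHA256()))
    return resp.public_bytes(serialization.Encoding.DER)


def check_revocation(response_der, leaf, issuer):
    """Return "good", "revoked" or "unknown" for a valid response, else "rejected".
    Rejects error responses, responses about another serial, and responses not signed
    by the issuer (the simple case where the CA signs its own OCSP responses)."""
    resp = ocsp.load_der_ocsp_response(response_der)
    if resp.response_status != ocsp.OCSPResponseStatus.SUCCESSFUL:
        return "rejected"
    if resp.serial_number != leaf.serial_number:
        return "rejected"
    try:
        issuer.public_key().verify(resp.signature, resp.tbs_response_bytes,
                                   ec.ECDSA(resp.signature_hash_algorithm))
    except InvalidSignature:
        return "rejected"
    return resp.certificate_status.name.lower()


def run_demo(hostname="www.example.test"):
    """Good, revoked, and attacker-signed responses for the same leaf, as a client would judge them."""
    ca_key, ca_cert = make_ca()
    rogue_key, rogue_cert = make_ca("Rogue Responder")  # unrelated key pair, e.g. a MITM
    leaf = make_leaf(ca_key, ca_cert, hostname)
    return {
        "ocsp_urls": ocsp_urls(leaf),
        "request_serial_matches": build_request(leaf, ca_cert).serial_number == leaf.serial_number,
        "good": check_revocation(fake_responder(ca_key, ca_cert, leaf, "good"), leaf, ca_cert),
        "revoked": check_revocation(fake_responder(ca_key, ca_cert, leaf, "revoked"), leaf, ca_cert),
        "forged": check_revocation(fake_responder(rogue_key, rogue_cert, leaf, "good"), leaf, ca_cert),
    }


if __name__ == "__main__":
    print(run_demo())
```

The "forged" case is the one that matters for the scenario in the thread: a party sitting in the path can answer the OCSP query itself, so a client that fetches a response but does not verify the signature against the issuer gains nothing. Real deployments also have to handle the responder being unreachable (soft-fail versus hard-fail), delegated responder certificates, and OCSP stapling, none of which this example covers.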