dChan
Anonymous ID: bc2841 Nov. 16, 2021, 7:31 a.m. No.15011708   🗄️.is 🔗kun   >>1727 >>1749 >>1760 >>1915 >>1948 >>2006

DNS FUCKERY

 

Spoopy….

 

Not sure if just me… But for about 3-4 minutes just now… I was getting a cert invalid for 8kun.top

 

What is -really- spoopy and amusing to me… is the SSL Cert… was a FACEBOOK cert…

 

Ummmmmmm…….

 

Why 8Kun has Facebook SSL Cert…

 

Anon knows what implications there would be for such an acquisition… KEK

 

SEE Screencaps

Anonymous ID: bc2841 Nov. 16, 2021, 7:51 a.m. No.15011866   🗄️.is 🔗kun   >>1999

>>15011749

 

FACEBOOK SSL CERTIFICATE ON 8KUN

 

SSL - Secure Socket Layer

 

an SSL Certificate is issued by a Certification Authority who is responsible for confirming the legitimacy of a company.

 

An SSL Certificate is responsible for the little lock icon in the Browser URL bar. Cert Auth issues the cert with all the info about said company, and marked as legitimate. So when you go to…. say… facebook.com, you know the connection is TO Facebook, and is secured using the SSL Certificate.

 

If the Cert is marked Invalid… it could be old, could be temporary, could have already been compromised and replaced, many different reasons.

 

I have not confirmed whether or not the cert is the same as Facebook's current cert… However, for it to be installed on the 8kun domain, AND coming up in an HTTPS connection attempt… This means a few things…

 

1: Someone has a (possibly still valid SSL Cert) on the 8kun domain.

 

2: If the cert is Legitimate, it was obtained from someone with access to Facebook WebAdmin level configuration.

 

3: If this cert is legit, and is installed on the 8kun domain… It would only come up if someone temporarily changes the SSL Cert being used by the WebServer to secure HTTPS connections. Like turning it on and back off again…

 

4: IF all the above are true statements… This is an indication of a VERY VERY deep level access to Facebook…

 

Remember a couple weeks back when someone made a "Configuration" change… and ALL of Facebook went down… and their key cards couldn't even get them in the building? DNS will do that… having SSL cert level access…. Will also do that…

 

Any other WebDev fags wanna comment?

Anonymous ID: bc2841 Nov. 16, 2021, 7:53 a.m. No.15011882   🗄️.is 🔗kun

>>15011760

 

It's possible, but very unlikely.

 

An attempt like that, someone would likely try to use a Spoofed SSL cert to make you think your computer was securely connected to a "legitimate" company… and then try to phish for remote access.