O'Reilly logo

Learning zANTI2 for Android Pentesting by Miroslav Vitula

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

SSL Poodle

Poodle, which literally stands for Padding Oracle on Downgraded Legacy Encryption, is a Man-In-The-Middle exploit that takes advantage of the way some browsers deal with encryption. Poodle can be used to target browser-based communication that relies on the Secure Sockets Layer 3.0 (SSL) protocol for authentication and encryption. SSL has in most cases been replaced by the Transport Layer Security (TLS) protocol, but some browsers will revert to SSL when a TLS connection isn't available.

When exploited, an attacker is capable of exposing encrypted information by standing between the sender and receiver (called MITM; more about this attack in the following chapter). The only way to prevent Poodle attacks is to stop using SSL 3.0. Use ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required