This has been a busy week working on the website. I’m happy I spent the extra time at the start with the layout and design. This has allowed me to focus on publishing the work that I have completed thus far. I have updated the Home Page and posted my work for Preparing the Attack. There are still some tweaks that must be done in these areas, but the majority of the work is complete. I spent a great deal more time on publishing the webpage than I thought it would take. Getting images and text to line up correctly was a bit of a chore. Publishing the remainder of my work is going to take some time. I need to focus on getting the information up this week, even in its draft form.
I also spent time working on the second attack vector. As previously stated in my status report I had to use SSLStrip to obtain the log-in credentials from Facebook due to SSL encryption. I have now completed the PoC on using Wireshark to steal credentials from an unsecure website, bahansen.info.
I had fun starting the video dialog for my home page and the necessary action steps for the animations. I was hoping to have the video recorded this week, but simply ran out of time.
Please note that I am still behind on my reading. I have caught up with my previous weeks reading, but with the limited time I could not fully catch up with the current week.
- Published How-To-Prepare for the attack
- Draft executing the attack – SSLStrip
- Work on draft visuals for the website
- Updated Home/Introduction
- Completed Proof of Concept for using Wireshark and capturing WordPress credentials
- Created dialog for home page video
- Continue the creation of draft visuals for website
- Publish executing the attack to website
- Draft executing the attack – Wireshark