I recall that subdomains are their own record inside a DNS, which would imply that anyone can claim that their server is a non-existent subdomain of the real domain
I recall that subdomains are their own record inside a DNS, which would imply that anyone can claim that their server is a non-existent subdomain of the real domain
I’ve been able to downgrade https sites to plain http sites, through a series of loopholes which I won’t go into.
So you’ve… compromised your own security. Grats?
That’s nice, be sure to tell us how it goes when HSTS is enabled