Why some (major) HTTPS websites cannot easily intercepted
This Wiki page is intended to answer a question, that is raised with increasing frequency.
Ettercap has three possiblities to try to sneak into HTTPS secured websites
- HTTPS interception (should dedicate a Wiki page for that as well)
- HTTPS stripping (sslstrip plugin)
- DNS spoofing and redirection to an own webserver
The problem is, that with some (and especially the famous ones) none of those techniques work except if one condition can be satisfied: