Man in the Middle Attack on Banks
-
Upload
melezov -
Category
Technology
-
view
462 -
download
1
description
Transcript of Man in the Middle Attack on Banks
![Page 1: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/1.jpg)
MAN IN THE MIDDLE ATTACK ON BANKS
Selenium scraping of other people's fun and profit
![Page 2: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/2.jpg)
WHO? WHERE? WHAT?
Marko Elezović @melezov
tech lead at Instantor AB
Swedish bank aggregator
![Page 3: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/3.jpg)
Alice Bob
IN A NUTSHELL
![Page 4: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/4.jpg)
Alice BobstEve
IN A NUTSHELL
![Page 5: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/5.jpg)
IN A NUTSHELL
![Page 6: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/6.jpg)
LEGAL, SALES & TECH
![Page 7: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/7.jpg)
LEGAL, SALES & TECH
![Page 8: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/8.jpg)
LEGAL, SALES & TECH
[ ] I have read and agree to the EULA
![Page 9: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/9.jpg)
LEGAL, SALES & TECH
[ ] I have read and agree to the EULA
![Page 10: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/10.jpg)
LEGAL, SALES & TECH
[x] I have read and agree to the EULA
![Page 11: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/11.jpg)
LEGAL, SALES & TECH
[x] I have read and agree to the EULA
![Page 12: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/12.jpg)
LEGAL, SALES & TECH
[x] I have read and agree to the EULA
identity (KYC)
![Page 13: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/13.jpg)
LEGAL, SALES & TECH
[x] I have read and agree to the EULA
identity (KYC)
![Page 14: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/14.jpg)
LEGAL, SALES & TECH
[x] I have read and agree to the EULA
identity (KYC)
cashflow (accounts / txns)
![Page 15: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/15.jpg)
stEve says: “You cannot afford to take that loan at this rate”
![Page 16: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/16.jpg)
stEve says: “OK, that will work”
![Page 17: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/17.jpg)
LEGAL, SALES & TECH
[x] I have read and agree to the EULA
identity (KYC)
cashflow (accounts / txns)
budget tool
![Page 18: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/18.jpg)
LEGAL, SALES & TECH
[x] I have read and agree to the EULA
identity (KYC)
cashflow (accounts / txns)
budget tool
![Page 19: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/19.jpg)
TECH
![Page 20: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/20.jpg)
2010 – ???
![Page 21: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/21.jpg)
2010 – ???
![Page 22: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/22.jpg)
2010 – POST
![Page 23: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/23.jpg)
2010 – POST
![Page 24: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/24.jpg)
2010 – POST
![Page 25: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/25.jpg)
2010 – POST
![Page 26: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/26.jpg)
2010 – POST
![Page 27: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/27.jpg)
2010 – POST
def login(number: String, otp: String) = { val req = Post( "https://www.zaba.hr/ebank/gradjani/Prijava" , "command" -> "Prijava" , "linkId" -> "446" , "AppIdentifikator" -> "0" , "KioskVersion" -> "0" , "br_tokena" -> number , "otp" -> otp ) sendAndLog(req, "Login POST")}
![Page 28: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/28.jpg)
2010 – POT OF GOLD
![Page 29: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/29.jpg)
2010 – POT OF GOLD
<xml/>
.csv
.xlsx .html
![Page 30: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/30.jpg)
2010 – PO(S)T OF GOLD
def getTransactions(account: ZabaAccount, dates: Interval) = { val req = Post( "https://www.zaba.hr/ebank/gradjani/Gradjani" , "command" -> "PrometiPoRacunu" , "action" -> account.kind , "download" -> "N" , "cboBrojRacuna" -> account.number , "fieldDatumOd" -> dates.start , "fieldDatumDo" -> dates.end , "commandAction" -> "Prijava" ) sendAndLog(req, "Transactions POST for " + account.number)}
![Page 31: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/31.jpg)
2010 – PO(S)T OF GOLD
![Page 32: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/32.jpg)
2010 – PO(S)T OF GOLD
<div class='main'><div class="naslov"> <div class="title">Prometi</div> <div class='podnaslov'> <div class='title'>Prometi po računu <span style='font-weight:normal;'>HR602360000</span>1234567890 (tekući račun) za razdoblje od 05.10.2013. do 05.10.2014.</div> </div> <div id='prometiDospijeli'/><noscript language='JavaScript'><!--var prometiDospijeli=new Array();prometiDospijeli[0]=new Array('07/01/2013','1234567890123456','Pasivna kamata',0.01,null,78.82,'HRK');prometiDospijeli[1]=new Array('08/14/2013','1234567890123451','Uplata redovitog primanja',2677.83,null,4756.65,'HRK');prometiDospijeli[2]=new Array('08/19/2013','1234567890123452','Isplata',null,4750.00,6.65,'HRK');prometiDospijeli[3]=new Array('08/19/2013','1234567890123453','Uplata',20.00,null,26.65,'HRK');prometiDospijeli[4]=new Array('09/06/2013','1234567890123454','Naknada za korištenje - p.a. moderan',null,20.00,6.65,'HRK');prometiDospijeli[44]=new Array('04/01/2014','1234567890123455','Zatezna kamata po nedopuštenom prekoračenju',null,0.10,9.31,'HRK');prometiDospijeli[46]=new Array('04/14/2014','1234567890123456','Osobno primanje isplaćeno u cijelosti',2672.59,null,2661.90,'HRK');prometiDospijeli[57]=new Array('05/26/2014','1234567890123457','E-zaba prijenos - super sport - uplata na račun',null,2.20,0.12,'HRK');createDataTablePrometi('prometiDospijeli',prometiDospijeli);// --></noscript></div><noscript src='./JavaScript/InitPrometiValidation.js?v=1.18.00' language='JavaScript'></noscript>
<br /><br /></div></div></div>
![Page 33: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/33.jpg)
2010 – PO(S)T OF GOLD
<div class='main'><div class="naslov"> <div class="title">Prometi</div> <div class='podnaslov'> <div class='title'>Prometi po računu <span style='font-weight:normal;'>HR602360000</span>1234567890 (tekući račun) za razdoblje od 05.10.2013. do 05.10.2014.</div> </div> <div id='prometiDospijeli'/><noscript language='JavaScript'><!--var prometiDospijeli=new Array();prometiDospijeli[0]=new Array('07/01/2013','1234567890123456','Pasivna kamata',0.01,null,78.82,'HRK');prometiDospijeli[1]=new Array('08/14/2013','1234567890123451','Uplata redovitog primanja',2677.83,null,4756.65,'HRK');prometiDospijeli[2]=new Array('08/19/2013','1234567890123452','Isplata',null,4750.00,6.65,'HRK');prometiDospijeli[3]=new Array('08/19/2013','1234567890123453','Uplata',20.00,null,26.65,'HRK');prometiDospijeli[4]=new Array('09/06/2013','1234567890123454','Naknada za korištenje - p.a. moderan',null,20.00,6.65,'HRK');prometiDospijeli[44]=new Array('04/01/2014','1234567890123455','Zatezna kamata po nedopuštenom prekoračenju',null,0.10,9.31,'HRK');prometiDospijeli[46]=new Array('04/14/2014','1234567890123456','Osobno primanje isplaćeno u cijelosti',2672.59,null,2661.90,'HRK');prometiDospijeli[57]=new Array('05/26/2014','1234567890123457','E-zaba prijenos - super sport - uplata na račun',null,2.20,0.12,'HRK');createDataTablePrometi('prometiDospijeli',prometiDospijeli);// --></noscript></div><noscript src='./JavaScript/InitPrometiValidation.js?v=1.18.00' language='JavaScript'></noscript>
<br /><br /></div></div></div>
![Page 34: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/34.jpg)
2010 – PO(S)T OF GOLD
<div class='main'><div class="naslov"> <div class="title">Prometi</div> <div class='podnaslov'> <div class='title'>Prometi po računu <span style='font-weight:normal;'>HR602360000</span>1234567890 (tekući račun) za razdoblje od 05.10.2013. do 05.10.2014.</div> </div> <div id='prometiDospijeli'/><noscript language='JavaScript'><!--var prometiDospijeli=new Array();prometiDospijeli[0]=new Array('07/01/2013','1234567890123456','Pasivna kamata',0.01,null,78.82,'HRK');prometiDospijeli[1]=new Array('08/14/2013','1234567890123451','Uplata redovitog primanja',2677.83,null,4756.65,'HRK');prometiDospijeli[2]=new Array('08/19/2013','1234567890123452','Isplata',null,4750.00,6.65,'HRK');prometiDospijeli[3]=new Array('08/19/2013','1234567890123453','Uplata',20.00,null,26.65,'HRK');prometiDospijeli[4]=new Array('09/06/2013','1234567890123454','Naknada za korištenje - p.a. moderan',null,20.00,6.65,'HRK');prometiDospijeli[44]=new Array('04/01/2014','1234567890123455','Zatezna kamata po nedopuštenom prekoračenju',null,0.10,9.31,'HRK');prometiDospijeli[46]=new Array('04/14/2014','1234567890123456','Osobno primanje isplaćeno u cijelosti',2672.59,null,2661.90,'HRK');prometiDospijeli[57]=new Array('05/26/2014','1234567890123457','E-zaba prijenos - super sport - uplata na račun',null,2.20,0.12,'HRK');createDataTablePrometi('prometiDospijeli',prometiDospijeli);// --></noscript></div><noscript src='./JavaScript/InitPrometiValidation.js?v=1.18.00' language='JavaScript'></noscript>
<br /><br /></div></div></div>
![Page 35: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/35.jpg)
2010 – POST
![Page 36: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/36.jpg)
2011 – POST
![Page 37: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/37.jpg)
2011 – POST MORTEM
![Page 38: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/38.jpg)
2011 – SELENIUM
![Page 39: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/39.jpg)
2011 – SELENIUM
def doLogin(userCode: String, password: String) = { val UserCode = By.xpath("//input[@id and @name='username']") val Password = By.xpath("//input[@name='password']") val ButtonOk = By.xpath("//button[@name='loginButton']")
findElement(UserCode).sendKeys(userCode) findElement(Password).sendKeys(password) findElement(ButtonOk).click()}
![Page 40: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/40.jpg)
2012 – SELENIUM (34SE)
![Page 41: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/41.jpg)
2012 – SELENIUM (34SE)
Selenium 1.xSelenium
+WebDriver
(2.x)
![Page 42: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/42.jpg)
2012 – SELENIUM 2.X
• Non – JavaScript based
• Dismiss dialogs & alerts
• Upload / Download files (Save as…)
• Firefox, Chrome, Opera, IE, …
![Page 43: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/43.jpg)
2012 – SELENIUM 2.X
• Non – JavaScript based
• Dismiss dialogs & alerts
• Upload / Download files (Save as…)
• Firefox, Chrome, Opera, IE, …
Missing remote session support!
![Page 44: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/44.jpg)
2012 – SELENIUM 2.X
• Non – JavaScript based
• Dismiss dialogs & alerts
• Upload / Download files (Save as…)
• Firefox, Chrome, Opera, IE, …
Missing remote session support!https://github.com/tferega/selenate
![Page 45: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/45.jpg)
2012 - SELENATE
• Runs on Akka remote
• Session support through GUIDs
• M-N session connectivity
![Page 46: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/46.jpg)
2012 - SELENATE
• Runs on Akka remote
• Session support through GUIDs
• M-N session connectivity
Client
Servers(no session IDs)
![Page 47: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/47.jpg)
2012 - SELENATE
• Runs on Akka remote
• Session support through GUIDs
• M-N session connectivity
Client
Servers(no session IDs)
Production client Debug
client
session #3FCArunning on node 4
session #2898running on node 2
![Page 48: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/48.jpg)
2014+ - SELENATE 3.0
• Akka cluster support
• (gossip protocol)
![Page 49: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/49.jpg)
2014+ - SELENATE 3.0
• Akka cluster support
• (gossip protocol)
• Robot & Sikuli support
• OCR through Tesseract
![Page 50: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/50.jpg)
2013 – PATTERN MATCHING
• approx. hundred “lines” for what was previously a simple POST
![Page 51: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/51.jpg)
2013 – PATTERN MATCHING
• approx. hundred “lines” for what was previously a simple POST
• multiple selectors and failovers
• ID -> Name -> Title -> Regex
![Page 52: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/52.jpg)
2013 – PATTERN MATCHING
• approx. hundred “lines” for what was previously a simple POST
• multiple selectors and failovers
• ID -> Name -> Title -> Regex
• countless bugs & special cases
![Page 53: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/53.jpg)
2013 – PATTERN MATCHING
• approx. hundred “lines” for what was previously a simple POST
• multiple selectors and failovers
• ID -> Name -> Title -> Regex
• countless bugs & special cases
Refactoring special cases is DIFFICULT
![Page 54: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/54.jpg)
PHILOSOPHICAL YAMMER
I have seen things you people wouldn't believe...Submit buttons, disabled for days…I watched broken TLS implementations break 20% of all requests.All those bugs will be lost in time, because I didn’t take screenshots.
- Replicator node 7, Selenium Runner
![Page 55: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/55.jpg)
SECURITY THROUGH OBSCURITY
![Page 56: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/56.jpg)
SECURITY THROUGH OBSCURITY
![Page 57: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/57.jpg)
SECURITY THROUGH OBSCURITY
![Page 58: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/58.jpg)
SECURITY THROUGH OBSCURITY
Pro tip:Virtual Frame Buffer
(Xvfb)
![Page 59: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/59.jpg)
SECURITY THROUGH OBSCURITY
![Page 60: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/60.jpg)
SECURITY THROUGH OBSCURITY
![Page 61: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/61.jpg)
SECURITY THROUGH OBSCURITY
![Page 62: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/62.jpg)
SECURITY THROUGH OBSCURITY
LiveConnect?
![Page 63: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/63.jpg)
LIVECONNECT ._.
![Page 64: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/64.jpg)
LIVECONNECT ._.
Legend:
JRE version
Firefox version
Point in time
6u45
7u15
7u51
7u45
7u25
8u20
8u11
FF18 FF21
2011
2012
FF15
2013
FF29
FF40
![Page 65: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/65.jpg)
DANID PSYCHOLOGICAL OPERATIONS DIVISON SECRET WEAPON
![Page 66: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/66.jpg)
DANID PSYCHOLOGICAL OPERATIONS DIVISON SECRET WEAPON
Wuddlecakes
![Page 67: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/67.jpg)
DANID PSYCHOLOGICAL OPERATIONS DIVISON SECRET WEAPON
WuddlecakesFoofieface
![Page 68: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/68.jpg)
DANID PSYCHOLOGICAL OPERATIONS DIVISON SECRET WEAPON
WuddlecakesFoofiefaceWoogycute
LoverschnookumloveSchmoopiecake
WooglecakesCuddlypooPoofcuddle
MoopsiewookieWookumdarlingSnookieKissie
PLENTY MORE WHERE THAT CAME FROM!
![Page 69: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/69.jpg)
CATS ARE USELESS
Alice Bob
![Page 70: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/70.jpg)
CATS ARE USELESS
Alice Bob
![Page 71: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/71.jpg)
CATS ARE USELESS
Alice Bob
![Page 72: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/72.jpg)
Alice BobstEve
CATS ARE USELESS
![Page 73: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/73.jpg)
Alice BobstEve
CATS ARE USELESS
![Page 74: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/74.jpg)
Alice BobstEve
CATS ARE USELESS
![Page 75: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/75.jpg)
LESS RANTS,HIGER SECURITY BY 2015
![Page 76: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/76.jpg)
F.Q.A.
![Page 77: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/77.jpg)
F.Q.A.(Faked Questions from the Audience)
def doLogin(userCode: String, password: String) = { val UserCode = By.xpath("//input[@id and @name='username']") val Password = By.xpath("//input[@name='password']") val ButtonOk = By.xpath("//button[@name='loginButton']")
findElement(UserCode).sendKeys(userCode) findElement(Password).sendKeys(password) findElement(ButtonOk).click()}
![Page 78: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/78.jpg)
F.Q.A.(Faked Questions from the Audience)
def doLogin(userCode: String, password: String) = { val UserCode = By.xpath("//input[@id and @name='username']") val Password = By.xpath("//input[@name='password']") val ButtonOk = By.xpath("//button[@name='loginButton']")
findElement(UserCode).sendKeys(userCode) findElement(Password).sendKeys(password) findElement(ButtonOk).click()}
![Page 79: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/79.jpg)
F.Q.A.(Faked Questions from the Audience)
PhantomJS
CasperJS
SlimerJS
![Page 80: Man in the Middle Attack on Banks](https://reader037.fdocuments.us/reader037/viewer/2022102806/55757889d8b42adb7e8b49ee/html5/thumbnails/80.jpg)
THANX
Questions?
We’re hiring!