Add interactive CA signing cert creation and insertion into backdoored ISO
Opened this issue · 0 comments
hackers-terabit commented
Need to add an option and process whereby a user can interactively create CA signing cert/keys. we will place the public CA cert in the backdoored ISO.
We would also want to generate a signed certificate for the backdoor hosting server, we can potentially forward the redirection to a HTTPS URL.
A user might look at the download URL, it would be whatever the attacker specifies, for example for http://mirror.someuni.com the backdoor server's URL could be https://mirror.someuni.securedownloads.com
It would legitimize (in the eyes of most users) the redirection.