Comment on Novel attack against virtually all VPN apps neuters their entire purpose
dgmib@lemmy.world 6 months agoI can’t see routing traffic to some kind of local presence and then routing back to the target machine to route out through the tunnel adapter without a successful compromise of at least one other vulnerability.
That’s not to say there’s nothing you could do… I could see some kind of social engineering attack maybe… leaked traffic redirects to a local web server that presents a fake authentication screen that phishes credentials , or something like that. I could only see that working in a very targeted situation… would have to be something more than just a some rouge public wi-fi. They’d have to have some prior knowledge of the private network the target was connecting to.
linearchaos@lemmy.world 6 months ago
We’re already assuming you have something that can compromise DHCP. Once you make that assumption who’s to say you don’t have a VM hanging out.