This document discusses various techniques for exploiting weaknesses in WiFi security to intercept and manipulate web traffic. It describes how unencrypted management frames and shared wireless media allow spoofing access points and intercepting sessions. With tools like LORCON, attackers can inject packets to hijack TCP streams and manipulate browsers by rewriting HTML, JavaScript and redirecting HTTPS to HTTP. Persistent attacks are also possible by caching manipulated content for long periods.
178. HTTP not so S var refs = document.getElementsByTagName('a'); for (var i = 0; i < refs.length; i++){ var rval = refs[i].getAttribute("href"); if (rval == null) { continue; } refs[i].setAttribute("href", rval.replace(/^https:/, "http:"); }