Two security experts presented their work in which they have detailed the method to intercept SSL communications service. They said they had been able to proceed decompiling and deciphering source code of Dropbox.
Dhiru Kholia and Przemyslaw Wegrzyn, two security experts reveal a note (.pdf) in which they indicate the manner in which they were able to bypass the security measures of the storage tool and file sharing in the cloud called Dropbox. And they explain that they could intercept data from the servers of the service.
Student in the executable application, said they had decompiled source code of Dropbox to study the contours. After this, they were able to intercept SSL communications from the Dropbox servers and add a bypass of two-factor authentication that may be possible.
"We have described a method to bypass the security on two-factor authentication of Dopbox accounts. But it is actually relatively generic techniques to intercept data via code injection methods" specify Dhiru Kholia and Przemyslaw Wegrzyn.
In their announcement, hackers hope that the data storage service in the future will be more open to certain risks and safety practices known as reverse engineering.
Bookmarks