You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have been looking at APKs that use v2ray for proxy services. The APKs include a configuration file that includes a password for the outbound connections. They also have inbound proxy configurations. I have two questions:
If an attacker extracts the password from the config file as I have, is it possible to decrypt the connections and/or man-in-the-middle the proxied connections?
Assuming the APK is marketed strictly as a typically VPN/proxy where one uses it to, for example, stream geoblocked content, is it odd to have inbound proxy configurations?
For 1, I am guessing it is possible for an attacker to decrypt the traffic and/or mitm the proxied connections, but I'd like to double check with experts on this. For 2, I assume it is not normal for a conventional proxy to be configured for inbound connections as well, but again, I'd like expert feedback on this.
Thank you for your time and help and if I need to add anything to this post or modified it to be consistent with posting convention, please let me know.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hello,
I have been looking at APKs that use v2ray for proxy services. The APKs include a configuration file that includes a password for the outbound connections. They also have inbound proxy configurations. I have two questions:
If an attacker extracts the password from the config file as I have, is it possible to decrypt the connections and/or man-in-the-middle the proxied connections?
Assuming the APK is marketed strictly as a typically VPN/proxy where one uses it to, for example, stream geoblocked content, is it odd to have inbound proxy configurations?
For 1, I am guessing it is possible for an attacker to decrypt the traffic and/or mitm the proxied connections, but I'd like to double check with experts on this. For 2, I assume it is not normal for a conventional proxy to be configured for inbound connections as well, but again, I'd like expert feedback on this.
Thank you for your time and help and if I need to add anything to this post or modified it to be consistent with posting convention, please let me know.
Beta Was this translation helpful? Give feedback.
All reactions