Verified on 2017-12-02
Verified by Ruben
Browsers Firefox, Chrome
OS Microsoft Windows 7, 10
Description This template redirects requests sent from the victim system to the Zalando web server to a server that is controlled by the attacker. Dabei wird HTTPS/HSTS durch DNS CNAME Umleitung umgangen.
Impact The attacker can read the unencrypted data flowing between the victim system and the Zalando server. This way the attacker can for example read the login, ordering or payment procedure.