mttaggart, If I understand this "TunnelVision" thing correctly, a few things are important to note:
We're already inside a Rogue DHCP, so anything else after that feels like details.
Option 121 used as described would make a honkin' large DHCPOFFER, which would be a solid network detection.
TLS-encrypted traffic is still TLS-encrypted traffic. You'd need an additional AiTM attack to decrypt it, even without the VPN encapsulation.
Add comment