automa utomation tion of of mit mitm m attac attack k on
play

Automa utomation tion of of Mit MitM M Attac Attack k on on - PowerPoint PPT Presentation

Sep 15, 2022 •114 likes •332 views

Automa utomation tion of of Mit MitM M Attac Attack k on on WiFi iFi Netw Networ orks ks Martin Vondrek Author: Supervisor: Ing. Jan Pluskal Foreign supervisor: Dr Johann A. Briffa ) ) ) ) ) ) ) ) ) wifimitm Brno

  1. Automa utomation tion of of Mit MitM M Attac Attack k on on WiFi iFi Netw Networ orks ks Martin Vondráček Author: Supervisor: Ing. Jan Pluskal Foreign supervisor: Dr Johann A. Briffa ) ) ) ) ) ) ) ) ) wifimitm Brno University of Technology University of Malta

  2. Available Tools for Specific Phases of the MitM Attack on Wireless Networks • Accessing wireless network • airmon-ng , airodump-ng , aircrack-ng, aireplay-ng , wifite, upc_keys , wifiphisher , Reaver Open Source, wpaclean , netctl • Tampering network topology • Framework for Man-In-The-Middle attacks , Scapy, dsniff, arpspoof, Yersinia • Capturing network traffic • Dumpcap 2017-04-22 Automation of MitM Attack on WiFi Networks 2/13

  3. Wi-Fi Machine-in-the-Middle • Python package wifimitm • Attack data for repetitive attacks • Captured traffic 2017-04-22 Automation of MitM Attack on WiFi Networks 3/13

  4. Wi-Fi Machine-in-the-Middle • Python package wifimitm • Attack data for repetitive attacks • Captured traffic • CLI tool wifimitmcli 2017-04-22 Automation of MitM Attack on WiFi Networks 3/13

  5. Wi-Fi Machine-in-the-Middle • Python package wifimitm • Attack data for repetitive attacks • Captured traffic • CLI tool wifimitmcli • Installation scripts • Requirements check • Python package setup • Documentation, man page 2017-04-22 Automation of MitM Attack on WiFi Networks 3/13

  6. Accessing wireless network Internet Scan Crack Connect AP Impersonate (phishing) STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 4/13

  7. Accessing wireless network Internet Scan Crack Connect AP Impersonate (phishing) STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 4/13

  8. Tampering network topology Internet Tampering network topology stop AP STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 5/13

  9. Tampering network topology Internet Tampering network topology stop AP STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 5/13

  10. Capturing network traffic Internet Capturing network traffic stop AP STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 6/13

  11. Capturing network traffic Internet Capturing network traffic stop AP STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 6/13

  12. Performance testing • 1 STA and 1 AP connected to the Internet • The performance impact is not critical. • Users of the network had no suspicion. • 8 STAs and 1 AP connected to the Internet • The performance impact is more severe. • Despite the performance impact, users had no suspicion. 2017-04-22 Automation of MitM Attack on WiFi Networks 7/13

  13. Internet R1 AP STA 1 wifimitm

  14. RTT STA1 – R1 10000 ms 1000 ms 100 ms 10 ms 1 ms 0 200 400 usual communication MitM

  15. Internet STA 1 STA 5 R1 STA 2 STA 6 AP STA 3 STA 7 STA 4 wifimitm STA 8

  16. RTT STA1 – R1 10000 ms 1000 ms 100 ms 10 ms 1 ms 0 200 400 usual communication MitM

  17. Utilization Automate WLAN test Penetration tester . Automation of MitM Attack on WiFi Networks 12/13 2017-04-22

  18. Utilization Automate WLAN test Demonstrate danger of MitM Penetration tester . Automation of MitM Attack on WiFi Networks 12/13 2017-04-22

  19. Utilization Automate WLAN test Demonstrate danger of MitM Penetration tester Develop using wifimitm Developer . Automation of MitM Attack on WiFi Networks 12/13 2017-04-22

  20. Utilization Automate WLAN test Demonstrate danger of MitM Penetration tester Develop using wifimitm Capture traffic Developer Forensic researcher . Automation of MitM Attack on WiFi Networks 12/13 2017-04-22

  21. Conc Conclusion lusion • Research published as bachelor’s thesis and software product in NES@FIT research group in May 2016. • Author received dean’s award and rector’s award in 2016. • Wi-Fi Machine-in-the-Middle (open-source) • Penetration testing, forensic investigation 2017-04-22 Automation of MitM Attack on WiFi Networks 13/13

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( )

MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( )

Software and Web Security 2 MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( ) MitM attack: attacker gets between the browser and the web server, eg eg by setting up a wifi access point

345 views • 9 slides
Building Bridges # 2017ACA CAP Arkansas Ar kansas Cour Court t Automa utomation tion Pr

Building Bridges # 2017ACA CAP Arkansas Ar kansas Cour Court t Automa utomation tion Pr

Ways to avoid and to fix some common mistakes made in Contexte data entry PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Arkansas Ar kansas Cour Court t Automa utomation tion Pr Prog ogram am Syst Systems

365 views • 20 slides
MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 ,2013 PC-Labs May 29 2013

MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 ,2013 PC-Labs May 29 2013

MiTM Attack - Haifa-Sec MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 ,2013 PC-Labs May 29 2013 MiTM Attack - Haifa-Sec MiTM Attack - Haifa-Sec DISCLAIMER DISCLAIMER 1 The following discussion is for informational

552 views • 33 slides
Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how

Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how

create your own exercise Christoph Schmidt, Team 1 Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how the NSA uses its access to the Backbone Goal 2: Understanding how MITM attacks can be done

1.02k views • 82 slides
MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation

MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation

Software and Web Security 2 MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation by Moxie Marlinspike; see URL on course page sws2 1 MitM (Man-in-the-Middle) attacks MitM attack: attacker

971 views • 38 slides
W HAT IS SESSION DIRECT ? # 2017ACA CAP SessionDirect is a separate processing environment

W HAT IS SESSION DIRECT ? # 2017ACA CAP SessionDirect is a separate processing environment

S ESSION D IRECT Michial Armstrong Quentin Moore PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation tion Pr Prog ogram am Syst Systems ems Conf Confer

319 views • 15 slides
P RODUCING CARCTGL # 2017ACA CAP C OPYING CARCTGL # 2017ACA CAP P ASTING & F ORMATTING

P RODUCING CARCTGL # 2017ACA CAP C OPYING CARCTGL # 2017ACA CAP P ASTING & F ORMATTING

E XCELING WITH YOUR CARCTGL Michial Armstrong Teresa Shaw PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation tion Pr Prog ogram am Syst Systems ems Conf

403 views • 14 slides
by a by a No Novel el Automa utomated ted Indent Indentation tion Tec echnique hnique

by a by a No Novel el Automa utomated ted Indent Indentation tion Tec echnique hnique

Wound ound Healing Healing Revealed ealed by a by a No Novel el Automa utomated ted Indent Indentation tion Tec echnique hnique Sotcheadt Sim 1,2 Martin Garon 2 Eric Quenneville 2 Michael D. Buschmann 1 1 Institute of Biomedical

246 views • 23 slides
Le Leveraging Technol chnology gy, Automa Automati tion, on, and and Rede defi fini ning ng

Le Leveraging Technol chnology gy, Automa Automati tion, on, and and Rede defi fini ning ng

7/22/2019 Le Leveraging Technol chnology gy, Automa Automati tion, on, and and Rede defi fini ning ng Recrui cruiti ting ng Bes Best Pra Practices Jeff Henderson Department of Justice Office of Human Resources Itin Itinerary The

361 views • 9 slides
DISTRICT COURT SCHEDULING Shaunette Guy and Lesia Hill Applications Specialists PHOTOGRAPH

DISTRICT COURT SCHEDULING Shaunette Guy and Lesia Hill Applications Specialists PHOTOGRAPH

DISTRICT COURT SCHEDULING Shaunette Guy and Lesia Hill Applications Specialists PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation tion Pr Prog ogram am Syst

140 views • 13 slides
Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr

Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr

Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr Graphical phical Pr Prog ograms ams Car Carl Eastlund l Eastlund Ma Matthias F tthias Felleisen elleisen cce@ccs.neu.edu

489 views • 38 slides
S HEET - 101 Connie Compton & Lorna Cross Regional Court Administrators PHOTOGRAPH CREDIT

S HEET - 101 Connie Compton & Lorna Cross Regional Court Administrators PHOTOGRAPH CREDIT

J UVENILE C OVER S HEET - 101 Connie Compton & Lorna Cross Regional Court Administrators PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation tion Pr Prog

320 views • 11 slides
Judge s taking Attac hme nt and Psyc hopathology Andr e a L andini & Giuliana F lor

Judge s taking Attac hme nt and Psyc hopathology Andr e a L andini & Giuliana F lor

Judge s taking Attac hme nt and Psyc hopathology Andr e a L andini & Giuliana F lor it (Italy) An intr oduc tion to DMM in Milano T wo ho no ra ry judg e s in the Mino rs Co urt in Mila no invite d a ll the ir c o lle a g

433 views • 12 slides
Using U Unikernels to E o Enhan ance t the Attac ack- Resistance of S of Spire, a Ne a

Using U Unikernels to E o Enhan ance t the Attac ack- Resistance of S of Spire, a Ne a

Using U Unikernels to E o Enhan ance t the Attac ack- Resistance of S of Spire, a Ne a Network work-A -Attac ack-R -Resili lient t Intr In trus usion on-Tole olerant S SCADA f for or th the P Powe ower Gr r Grid Brad

677 views • 30 slides
A DMINISTRATIVE O RDER 21 K EY P ROVISIONS Once implemented, eFiling is mandatory only if: 1.

A DMINISTRATIVE O RDER 21 K EY P ROVISIONS Once implemented, eFiling is mandatory only if: 1.

T HE R OUTE TO M ANDATORY E F ILING Amanda Armstrong - Business Analyst Jackie Wray - Applications Specialist PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation

431 views • 10 slides
DING T EST A UTOMATION XTENDI OR V IR ON FOR IRTU TUALI LIZATION Sharookh Daru aruwalla

DING T EST A UTOMATION XTENDI OR V IR ON FOR IRTU TUALI LIZATION Sharookh Daru aruwalla

11/1/2013 C HALLENGES E XTE DING T EST A UTOMATION XTENDI OR V IR ON FOR IRTU TUALI LIZATION Sharookh Daru aruwalla Inte tel Corp rporati tion Intel Confidential Do Not Forward C ONT ONTEXT Automation essential to manage todays

395 views • 22 slides
Bsides Vienna 2016 Paul Coggin @PaulCoggin 1 1 OSI and TCP/IP Model OSI Model TCP/IP Model

Bsides Vienna 2016 Paul Coggin @PaulCoggin 1 1 OSI and TCP/IP Model OSI Model TCP/IP Model

Exploiting First Hop Protocols to Own the Network Bsides Vienna 2016 Paul Coggin @PaulCoggin 1 1 OSI and TCP/IP Model OSI Model TCP/IP Model 7 Application 6 Presentation Own the Network Application 5 Session Transport 4 Transport

585 views • 42 slides
2013 Full Year Result Terry Davis Group Managing Director John Murphy Managing Director Australian

2013 Full Year Result Terry Davis Group Managing Director John Murphy Managing Director Australian

2013 Full Year Result Terry Davis Group Managing Director John Murphy Managing Director Australian Beverages Nessa OSullivan Group Chief Financial Officer 18 February 2014 1 2013 Result Overview Difficult trading conditions in the

650 views • 18 slides
NoSQL and MongoDB 1 2 Introduction to NoSQL Based on a presentation by Traversy Media 3 What

NoSQL and MongoDB 1 2 Introduction to NoSQL Based on a presentation by Traversy Media 3 What

NoSQL and MongoDB 1 2 Introduction to NoSQL Based on a presentation by Traversy Media 3 What is NoSQL? Not only SQL SQL means Relational model Strong typing ACID compliance Normalization NoSQL means more freedom or flexibility 4

376 views • 34 slides
Mini Course on Epistemic Game Theory Toulouse, June 30 - July 3, 2015 Exercises Part I: Common

Mini Course on Epistemic Game Theory Toulouse, June 30 - July 3, 2015 Exercises Part I: Common

Mini Course on Epistemic Game Theory Toulouse, June 30 - July 3, 2015 Exercises Part I: Common Belief in Rationality Exercise 1. A game of cards Barbara, Chris and you are sitting in a bar, having a drink before the movie starts. You have

214 views • 9 slides
RMLL 2009 Network virtualisation using Netkit and Dynamips Cedric Foll 07.08.09 Cedric Foll

RMLL 2009 Network virtualisation using Netkit and Dynamips Cedric Foll 07.08.09 Cedric Foll

RMLL 2009 Network virtualisation using Netkit and Dynamips Cedric Foll 07.08.09 Cedric Foll cedric.foll@(laposte.net|education.gouv.fr) Network and security architect and Chef Security Officer (CSO) of French Ministry of Education Teacher

408 views • 21 slides
C URVY Y OGA E XPLORATION Module Two W HERE W E RE H EADED

C URVY Y OGA E XPLORATION Module Two W HERE W E RE H EADED

C URVY Y OGA E XPLORATION Module Two W HERE W E RE H EADED Class One : Alignment & Sun SalutaEon ModificaEons Class Two: The 3 Bs

351 views • 11 slides
L AUGHTER Y OGA IS THE B EST M EDICINE Ho Ho - Ha Ha Ha Presented by: Erin Langiano, R/TRO and

L AUGHTER Y OGA IS THE B EST M EDICINE Ho Ho - Ha Ha Ha Presented by: Erin Langiano, R/TRO and

L AUGHTER Y OGA IS THE B EST M EDICINE Ho Ho - Ha Ha Ha Presented by: Erin Langiano, R/TRO and Kellie Halligan, CTRS W HO ARE WE ? W HERE DO WE WORK ? Royal Ottawa Place is a unique long term care facility, providing care to individuals who

694 views • 20 slides
30 days to 30k as a yoga teacher Who is this for? Newly qualified yoga teacher

30 days to 30k as a yoga teacher Who is this for? Newly qualified yoga teacher

YOGA TEACHER CHALLENGE 30 days to 30k as a yoga teacher Who is this for? Newly qualified yoga teacher passionate; keen; want to share the benefits of this amazing practice with others so they benefit too. Existing yoga teachers

1.37k views • 62 slides

More recommend