mitm attack mitm attack
play

MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 - PowerPoint PPT Presentation

Mar 01, 2024 •207 likes •552 views

MiTM Attack - Haifa-Sec MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 ,2013 PC-Labs May 29 2013 MiTM Attack - Haifa-Sec MiTM Attack - Haifa-Sec DISCLAIMER DISCLAIMER 1 The following discussion is for informational

  1. MiTM Attack - Haifa-Sec MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 ,2013 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  2. MiTM Attack - Haifa-Sec DISCLAIMER DISCLAIMER 1 – The following discussion is for informational and education 1 – The following discussion is for informational and education purpose only. purpose only. 2 – Hacking into private network without the written permission 2 – Hacking into private network without the written permission from the owner is Illegal and strictly forbidden. from the owner is Illegal and strictly forbidden. This could result to being charged with CRIMINAL ACT!!! This could result to being charged with CRIMINAL ACT!!! 3 – Misused could result in breaking the law so use it at your own 3 – Misused could result in breaking the law so use it at your own risk. risk. PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  3. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Abstract ● Networking ( 7-Layers ) ● Cryptography – Private/Public keys ● MiTM Attack PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  4. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Network 7-Layers - Schema PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  5. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Network 7-Layers - Schema PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  6. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Networking ● MAC – Media Access Control a unique id assigned to wireless adapters and routers. It comes in hexadecimal format (ie 00:11:ef:22:a3:6a) ● First 3 segments is manufacture ID(Intel,Apple,Samsung Etc.) AA:BB:CC:DD:EE:FF PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  7. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Networking ● Link Layer – The ARP Protocol ● Internet Layer – IP – Routing – ICMP PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  8. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Networking ● Transport Layer – TCP/IP – OS Fingerprinting ● Application Layer – Common Protocols – SMTP – HTTP – Part I PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  9. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Networking - WireShark ● A free and open-source graphical packet analyzer ● Contains many features and capabilities. ● Main purpose – network troubleshooting, analysis and debugging. ● Data is captured online or can be loaded from a file. ● Can display encapsulation and information regarding and according to the protocol used. ● Able to follow TCP streams ● Able to decode data based on protocol. PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  10. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack ARP Packets PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  11. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Private/Public Keys – Schema PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  12. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack MiTM Attack – Abstract ● The concept of MiTM Attack ● What attacking methods I'll demonstrate ● Demonstrations of the attacking methods PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  13. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack MiTM Attack – Attack vectors ● Physical Devices ● Social Engineering (mostly your brain & charm) ● Wireless networks PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  14. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack MiTM Attack – Explanation ● It is an attack in which a hacker places himself in between his potential victim and the host that victim communicates with ● The attack is able to see/manipulate all traffic sent between the two nodes. ● Because of the nature of the attack it has to be done over Layer-2 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  15. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack MiTM Attack – Schema PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  16. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Attack methods for this lecture ● Data manipulation ● SSL-Strip ● Faking SSL certificate PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  17. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Link Layer – the ARP ● Determining a network host's Link Layer or hardware address when only its Internet Layer (IP) or Network Layer address is known. ● Critical in local area networking as well as for routing internetworking traffic across gateways (routers) based on IP addresses when the next-hop router must be determined. ● Based on MAC Address – Hardware ID ● Class Demonstration – ipconfig /all – ARP Sniffing using Wireshark – Windows ping + arp command – Packet Structure and Process on wireshark 17 Jun 10, 2013 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  18. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Link Layer – ARP Poisoning ● Hacking technique used to attack an ethernet wired or wireless network. ● Allow an attacker to sniff data frames on a local area network (lan), modify the traffic, or stop the traffic altogether. ● The principle of the spoofing is to send fake, or "spoofed", arp messages to an ethernet lan. ● The aim is to associate the attacker's mac address with the ip address of another node (such as the default gateway). ● Any traffic meant for that ip address would be mistakenly sent to the attacker instead. 18 Jun 10, 2013 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  19. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Link Layer – ARP Poisoning ● The attacker could then choose to forward the traffic to the actual default gateway (passive sniffing) of modify the data before forwarding it (man-in-the-middle attack). ● The attack could also launch a denial-of-service attack against a victim by associating a nonexistent MAC address to the IP addresses of the victim's default gateway. 19 Jun 10, 2013 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  20. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Data Manipulation – Schema PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  21. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Data Manipulation – Demo ● Forwarding the packets echo 1 > /proc/sys/net/ipv4/ip_forward ● Taking over the dns request over the network dnsspoof -i eth0 ● Setting up a Proxy Server for HTTP/HTTPS launch burp suite 1 – Adding to proxy port 80 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  22. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack SSL-Strip – Schema PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  23. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack ettercap ● ettercap -P list ● Available plugins : – arp_cop 1.1 Report suspicious ARP activity – chk_poison 1.1 Check if the poisoning had success – dns_spoof 1.1 Sends spoofed dns replies – dos_attack 1.0 Run a d.o.s. attack against an IP address – find_conn 1.0 Search connections on a switched LAN – find_ettercap 2.0 Try to find ettercap activity – find_ip 1.0 Search an unused IP address in the subnet – finger 1.6 Fingerprint a remote host – gw_discover 1.0 Try to find the LAN gateway 23 Jun 10, 2013 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  24. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack ettercap ● isolate 1.0 Isolate an host from the lan ● pptp_clear 1.0 PPTP: Tries to force cleartext tunnel ● pptp_pap 1.0 PPTP: Forces PAP authentication ● pptp_reneg 1.0 PPTP: Forces tunnel re-negotiation ● rand_flood 1.0 Flood the LAN with random MAC addresses ● remote_browser 1.2 Sends visited URLs to the browser ● scan_poisoner 1.0 Actively search other poisoners ● search_promisc 1.2 Search promisc NICs in the LAN ● smb_clear 1.0 Tries to force SMB cleartext auth ● smb_down 1.0 Tries to force SMB to not use NTLM2 key auth ● stp_mangler 1.0 Become root of a switches spanning tree 24 Jun 10, 2013 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

  25. Introduction Networking MiTM Attack - Haifa-Sec Private/Public Keys MiTM Attack Ettercap filters ############################# # # # ettercap – replace bad stuff -- # # # ############################# ## if (ip.proto == TCP && tcp.src == 80) { replace("microsoft", "linux"); replace("Microsoft", "Linux"); msg("Filter Ran.\n"); } 25 Jun 10, 2013 PC-Labs May 29 2013 – MiTM Attack - Haifa-Sec

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( )

MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( )

Software and Web Security 2 MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( ) MitM attack: attacker gets between the browser and the web server, eg eg by setting up a wifi access point

345 views • 9 slides
Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how

Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how

create your own exercise Christoph Schmidt, Team 1 Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how the NSA uses its access to the Backbone Goal 2: Understanding how MITM attacks can be done

1.02k views • 82 slides
MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation

MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation

Software and Web Security 2 MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation by Moxie Marlinspike; see URL on course page sws2 1 MitM (Man-in-the-Middle) attacks MitM attack: attacker

971 views • 38 slides
Automa utomation tion of of Mit MitM M Attac Attack k on on WiFi iFi Netw Networ orks

Automa utomation tion of of Mit MitM M Attac Attack k on on WiFi iFi Netw Networ orks

Automa utomation tion of of Mit MitM M Attac Attack k on on WiFi iFi Netw Networ orks ks Martin Vondrek Author: Supervisor: Ing. Jan Pluskal Foreign supervisor: Dr Johann A. Briffa ) ) ) ) ) ) ) ) ) wifimitm Brno

332 views • 21 slides
s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space:

s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space:

s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space: time vs distance Remote key brute software protocol force relay attack side Fast Slow mitm channel Hardware attacks require: Hardware

360 views • 24 slides
s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance

s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance

When Hardware Attacks s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance Remote key brute software protocol force relay attack side Fast Slow mitm channel Hardware attacks require:

688 views • 25 slides
Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT

Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT

Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT Corporation 07/Sep/2009 ISC2009@Pisa 1/22 Yu Sasaki, MitM using output truncation of 3 Haval Summary HAVAL is a hash function that can produce

507 views • 23 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
Neither Snow Nor Rain Nor MITM... Real World Email Delivery Security Zakir Durumeric

Neither Snow Nor Rain Nor MITM... Real World Email Delivery Security Zakir Durumeric

Neither Snow Nor Rain Nor MITM... Real World Email Delivery Security Zakir Durumeric University of Michigan How is your everyday email protected? Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security

943 views • 44 slides
Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security Zakir

Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security Zakir

Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, Kurt Thomas, Vijay Eranti, Nicholas Lidzborski, Elie Bursztein, Michael Bailey, J. Alex

522 views • 33 slides
Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security Nicolas

Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security Nicolas

Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security Nicolas Lidzborski, Elie Bursztein, Kurt Thomas, Vijay Eranti ( Google ) Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten, J. Alex Halderman ( University

432 views • 25 slides
Neither Snow Nor Rain Nor MITM ... An Empirical Analysis of Email Delivery Security by Zakir

Neither Snow Nor Rain Nor MITM ... An Empirical Analysis of Email Delivery Security by Zakir

Neither Snow Nor Rain Nor MITM ... An Empirical Analysis of Email Delivery Security by Zakir Durumeric, David Adrian, Ariana Mirian, James Kasten Elie Bursytein, Nicolas Lidzborski, Kurt Thomas, Vijay Eranti, Michael Bailey, J. Alex Champaign

357 views • 17 slides
Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet Server Client Attack vectors MAN DNS LAN Client Internet Back Bone Router Networking WWW overview MITM (Man In The Middle) 3 2 4 5 LAN

244 views • 23 slides
KCI-based MitM Attacks against TLS Prying Open Pandoras Box Clemens Hlauschek, Markus Gruber,

KCI-based MitM Attacks against TLS Prying Open Pandoras Box Clemens Hlauschek, Markus Gruber,

KCI-based MitM Attacks against TLS Prying Open Pandoras Box Clemens Hlauschek, Markus Gruber, Florian Fankhauser, Christian Schanes BS(l)idesVienna 0x7df whoami [ haku@bsidesbox ] % getent passwd whoami | awk F :

684 views • 33 slides
Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why

Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why

Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why Phishing Works. Gelernter, N., Kalma, S., Magnezi, B., & Porcilan, H. (2017). The Password Reset MitM Attack. What is Phishing? Dhamija, R.,

528 views • 50 slides
A Proof of MITM Vulnerability in Public WLANs Guarded by Captive Portal Author: Wei-Lin Chen

A Proof of MITM Vulnerability in Public WLANs Guarded by Captive Portal Author: Wei-Lin Chen

A Proof of MITM Vulnerability in Public WLANs Guarded by Captive Portal Author: Wei-Lin Chen Po-Kang Chen Quincy Wu Outline Introduction Motivation Related Works Authentication of Public WLAN Implementation &

426 views • 30 slides
Case Studies - Case Studies - Eduroam in Slovenia Eduroam in Slovenia Rok Pape ARNES -

Case Studies - Case Studies - Eduroam in Slovenia Eduroam in Slovenia Rok Pape ARNES -

1 Akademska in raziskovalna mrea Slovenije Case Studies - Case Studies - Eduroam in Slovenia Eduroam in Slovenia Rok Pape ARNES - Academic and research network of Slovenia aaa-podpora@arnes.si Eurocamp, Ljubljana, April 2006 2 Start

1.25k views • 18 slides
CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan

CSE 127: Introduction to Security Lecture 11: Network Attacks Nadia Heninger and Deian Stefan UCSD Fall 2019 Some material from Stefan Savage, David Wagner, and Nick Weaver Threat Modeling for Network Attacks Basic security goals:

804 views • 31 slides
Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's

Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's

Packet Sniffing and Spoofing 1 Shared Networks Every network packet reaches every computer's network Interface card, which then filters packets based on the MAC address. A network packet has multiple concatenated components. 2 How Packets

625 views • 39 slides
Shadow MACs: Scalable Label-switching for Commodity Ethernet Kanak Agarwal, Colin Dixon*, Eric

Shadow MACs: Scalable Label-switching for Commodity Ethernet Kanak Agarwal, Colin Dixon*, Eric

Shadow MACs: Scalable Label-switching for Commodity Ethernet Kanak Agarwal, Colin Dixon*, Eric Rozner, John Carter IBM Research, Austin, TX * now at Brocade 1 SDN: The Future! Rose-colored glasses: Fine-grained, dynamic control

719 views • 19 slides
Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006

Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006

Security in Mobile and Wireless Networks APRICOT Tutorial Perth Australia 27 February, 2006 Ray Hunt, Associate Professor Dept. of Computer Science and Software Engineering University of Canterbury, New Zealand 1 Security Issues in Wireless

1.52k views • 131 slides
Detection in IoT Networks Imtiaz Ullah and Qusay H. Mahmoud 33 rd Canadian Conference on

Detection in IoT Networks Imtiaz Ullah and Qusay H. Mahmoud 33 rd Canadian Conference on

A Scheme for Generating a Dataset for Anomalous Activity Detection in IoT Networks Imtiaz Ullah and Qusay H. Mahmoud 33 rd Canadian Conference on Artificial Intelligence 12-15 May 2020 Agenda Introduction Motivation Problem Statement

763 views • 28 slides
Preventing and detecting network attacks Harald Vranken 1 About me Open University &

Preventing and detecting network attacks Harald Vranken 1 About me Open University &

Advanced Network Security (2019-2020) Preventing and detecting network attacks Harald Vranken 1 About me Open University & Radboud University Office: Mercator I, room 2.16 (Friday) Email: harald.vranken@ou.nl Skype: harald.vranken

1.11k views • 62 slides
The Shepherd Project Automated security audits of web login processes Benjamin Krumnow

The Shepherd Project Automated security audits of web login processes Benjamin Krumnow

The Shepherd Project Automated security audits of web login processes Benjamin Krumnow Employee at the TH Kln External PhD student (50%) at the OU (~2 years) H. Jonker, M. Van Eekelen, H. Vranken, S. Karsch Joined the

565 views • 38 slides

More recommend