SSL MITM Attack Over Wireless
Upcoming SlideShare
Loading in...5
×
 

SSL MITM Attack Over Wireless

on

  • 15,139 views

 

Statistics

Views

Total Views
15,139
Views on SlideShare
8,189
Embed Views
6,950

Actions

Likes
2
Downloads
146
Comments
0

18 Embeds 6,950

http://www.securitytube.net 5629
http://securitytube.net 805
http://www.nsai.it 254
http://sociable-engineer.com 163
https://si0.twimg.com 41
http://translate.googleusercontent.com 24
http://www.slideshare.net 8
https://twimg0-a.akamaihd.net 6
http://webcache.googleusercontent.com 4
http://plcvn.vn 4
http://www.securityaddicted.com 3
http://secvids.net 2
http://216.239.59.104 2
http://localhost 1
http://www.foxreal.com 1
http://64.233.179.104 1
http://74.125.43.132 1
http://static.slideshare.net 1
More...

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

SSL MITM Attack Over Wireless SSL MITM Attack Over Wireless Presentation Transcript

  • SSL Man-in-the-Middle Attack over Wireless Vivek Ramachandran http://www.SecurityTube.Net
  • What is Man-in-the-Middle?
    • It is an attack in which a Hacker places himself in between his potential victim and the host that victim communicates with
    • He is able to see / manipulate all traffic sent between the two
    • Because of the nature of the attack it has to happen at Layer 2
  • Tools of the Trade
    • Atheros chipset based wireless card (preferred)
    • Madwifi-NG drivers for setting card into AP mode
    • Dnsspoof Utility to send spoofed DNS replies
    • Delegated proxy server for performing SSL MITM
  • Attack Premise Victim Hacker Internet default I am the “default” AP DnsSpoof Delegated Hacker is connected to the Internet Hacker sets up a wireless Honeypot HONEYPOT
  • Attack Steps Victim Hacker Internet default DnsSpoof Delegated HONEYPOT DNS Request for mail.yahoo.com 192.168.1.1 192.168.1.2 DNS Reply mail.yahoo.com at 192.168.1.1 https://mail.yahoo.com Sends False Certificate Accepts Certificate Sends Authentication Data Forwards Data to the real Yahoo Server Forwards Reply from Yahoo back to Client
  • Delegated – A closer look Delegated Yahoo Victim SPOOFED CERT YAHOO CERT Delegated Uses a self generated certificate to communicate with Client Delegated Uses Yahoo’s certificate to communicate with Yahoo email servers
  • Demo
    • We will recreate this entire setup and see the demo in the next video
    • The video will feature the hack from a Victim’s perspective
    • Basics of making the setup have been discussed in this video already
    • Left as an exercise for the user to recreate the setup