SSL MITM Attack Over Wireless
Upcoming SlideShare
Loading in...5
×
 

Like this? Share it with your network

Share

SSL MITM Attack Over Wireless

on

  • 15,338 views

 

Statistics

Views

Total Views
15,338
Views on SlideShare
8,381
Embed Views
6,957

Actions

Likes
2
Downloads
148
Comments
0

20 Embeds 6,957

http://www.securitytube.net 5629
http://securitytube.net 805
http://www.nsai.it 254
http://sociable-engineer.com 168
https://si0.twimg.com 41
http://translate.googleusercontent.com 24
http://www.slideshare.net 8
https://twimg0-a.akamaihd.net 6
http://plcvn.vn 4
http://webcache.googleusercontent.com 4
http://www.securityaddicted.com 3
http://secvids.net 2
http://216.239.59.104 2
http://106.10.137.112 1
http://localhost 1
http://www.foxreal.com 1
http://64.233.179.104 1
http://74.125.43.132 1
http://static.slideshare.net 1
https://twitter.com 1
More...

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

SSL MITM Attack Over Wireless Presentation Transcript

  • 1. SSL Man-in-the-Middle Attack over Wireless Vivek Ramachandran http://www.SecurityTube.Net
  • 2. What is Man-in-the-Middle?
    • It is an attack in which a Hacker places himself in between his potential victim and the host that victim communicates with
    • He is able to see / manipulate all traffic sent between the two
    • Because of the nature of the attack it has to happen at Layer 2
  • 3. Tools of the Trade
    • Atheros chipset based wireless card (preferred)
    • Madwifi-NG drivers for setting card into AP mode
    • Dnsspoof Utility to send spoofed DNS replies
    • Delegated proxy server for performing SSL MITM
  • 4. Attack Premise Victim Hacker Internet default I am the “default” AP DnsSpoof Delegated Hacker is connected to the Internet Hacker sets up a wireless Honeypot HONEYPOT
  • 5. Attack Steps Victim Hacker Internet default DnsSpoof Delegated HONEYPOT DNS Request for mail.yahoo.com 192.168.1.1 192.168.1.2 DNS Reply mail.yahoo.com at 192.168.1.1 https://mail.yahoo.com Sends False Certificate Accepts Certificate Sends Authentication Data Forwards Data to the real Yahoo Server Forwards Reply from Yahoo back to Client
  • 6. Delegated – A closer look Delegated Yahoo Victim SPOOFED CERT YAHOO CERT Delegated Uses a self generated certificate to communicate with Client Delegated Uses Yahoo’s certificate to communicate with Yahoo email servers
  • 7. Demo
    • We will recreate this entire setup and see the demo in the next video
    • The video will feature the hack from a Victim’s perspective
    • Basics of making the setup have been discussed in this video already
    • Left as an exercise for the user to recreate the setup