
Man In The Middle - Hacking Illustrated

37,475 views


See how a man-in-the-middle attack is performed. Step-by-step instructions and diagrams showing how this attack works.

Published in: Technology
  • Hi,
    You say ' Dsniff needs to see the entire session to get the credentials. Entire session includes the disconnection or logging off. So you have to end the session before the credentials are actually grabbed. Close your ftp session, then go back to your Backtrack terminal and see the login information.'
    How can I see the user and pass before ftp is closed?
  • man-in-the-middle is performed to easy explain

  1. Man in The Middle Demystified
     Keatron Evans
     Senior Instructor
  2. Still one of the most dangerous attacks.
     While most security professionals and administrators understand MiTM conceptually, few can actually execute it and prove to the layman that it is a valid and real threat. In this presentation I'll give a step-by-step walkthrough, complete with screenshots, of exactly how it's done.
  3. How does it happen?
     Basically an attack on the ARP protocol.
     When computers communicate across a network, the initiator sends an ARP request that asks who has a particular IP address.
  4. This request is broadcast to everyone on the LAN and depends on the only response coming from the true holder of said IP address.
  5. The protocol has no built-in functionality to tell if the response comes from the true source.
  6. Additionally, there's no rule in the ARP protocol that says one has to wait for a request to send a response!
     The Setup!
     We'll be using two servers.
  7. One server will authenticate to another via FTP.
  8. We'll use Backtrack and arpspoof them both.
  9. The arpspoof makes victim 1 believe I'm victim 2 and makes victim 2 believe I'm victim 1.
  10. Once we've got this in place, I'll turn on IP forwarding on Backtrack, which allows me to route the packets on to the intended recipient while still allowing me to "see" the packets.
  11. We'll have dsniff running as well to conveniently grab the credentials from the packets.
     Communications before attack: normal traffic flow
     Victim 2: IP address 192.168.2.138
     Victim 1: IP address 192.168.2.128
     Man in The Middle: IP address 192.168.2.135
  12. Communications after attack: desired traffic flow
     Victim 2: IP address 192.168.2.138
     Victim 1: IP address 192.168.2.128
     Man in The Middle: IP address 192.168.2.135
  13. Step 1
     Let's set up Backtrack properly first. There is a chance that once you start it, you didn't get an IP address or your Ethernet or wireless interface wasn't enabled. We'll need to bring the interface up first. Then we'll need to have it get an IP address via DHCP. So let's do those things.
  14. Backtrack ifconfig command
  15. The eth0 interface is down, so let's bring it up.
  16. After the up command we enter ifconfig again and see that eth0 is now up.
  17. Now we need to tell it to get an IP address via a DHCP request. The command is /etc/init.d/networking restart
  18. It gets an IP address from your DHCP server. Verify it with ifconfig again. We see we have an IP of 192.168.2.135.
  19. Now we go to our first victim and see that its IP is 192.168.2.128.
  20. Victim 2 has an IP address of 192.168.2.138.
  21. Here's the Filezilla FTP server running on victim 1.
  22. Let's verify that the two victims can communicate. I'm issuing a continuous ping from victim 2 (.138) to victim 1 (.128).
     We'll let this ping run continuously because we're going to interrupt it with our arpspoof and verify our spoof is working.
  23. Now we go back to our Backtrack and open three terminal shells (you'll need all three). First arpspoof victim 2 to victim 1. In other words, make victim 1 think you're victim 2. Now in the second terminal, do the exact opposite. See below.
  24. Once you hit enter on both terminal windows, you'll see that it's telling victim 1 that .138 is at the Backtrack MAC address, while also telling victim 2 that .128 is at the Backtrack MAC address.
  25. We verify that the spoof is working by seeing if the pings we started earlier on victim 2 are now failing. See below.
  26. We have now successfully diverted both victims' traffic to our Backtrack. Now we need to enable IP forwarding so we can route this traffic to its intended destination.
  27. Once we've enabled IP forwarding, go back and check the ping running on victim 2 and see that the pings are now successful again. Congrats! You're now man in the middling. But we need to grab credentials. So we'll need another tool for that.
  28. To grab authentication credentials, we'll start up dsniff. See below.
  29. Now go to victim 2 and stop your pings. Then ftp to the FTP server running on victim 1.
  30. Next, log in with whatever credentials you've set up on it.
  31. Once you've successfully logged in, you should see whatever files you have in your FTP store.
  32. Here's the important part. Dsniff needs to see the entire session to get the credentials. Entire session includes the disconnection or logging off. So you have to end the session before the credentials are actually grabbed. Close your ftp session, then go back to your Backtrack terminal and see the login information. Feeling l33t yet?
  33. Closing
     Lessons.
     It is a classic mistake for the layman, and sometimes even security professionals, to think that the answer is always the use of strong passwords. In the case of a man in the middle attack, a strong 20-character complex password with numbers, letters, and special characters is obtained just as easily and quickly as a 5-character letters-only password.
     Join us in one of our Ethical Hacking classes where I or another of our world class instructors will teach you how to perform man in the middle against encrypted protocols such as SSL.
     Thanks for watching!
     Keatron Evans
     THIS PRESENTATION ALSO AVAILABLE ON Resources.InfosecInstitute.com
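An added example, not part of the original slides: a passive check for the ARP symptoms the presentation describes (a reply nobody asked for, an IP whose MAC suddenly changes, one MAC answering for both victims). The IP addresses are the lab addresses from the slides; the MAC addresses, function names and sample packets are constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

ARP_FMT = "!HHBBH6s4s6s4s"  # htype ptype hlen plen oper sha spa tha tpa
REQUEST, REPLY = 1, 2

def build_arp(oper, smac, sip, tmac, tip):
    """Pack a 28-byte Ethernet/IPv4 ARP payload (only used to build sample data)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, raw(smac),
                       socket.inet_aton(sip), raw(tmac), socket.inet_aton(tip))

def parse_arp(payload):
    """Decode an ARP payload into (oper, sender_mac, sender_ip, target_ip)."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, _, tpa = struct.unpack(ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return oper, sha.hex(":"), socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

def detect(payloads):
    """Flag unsolicited replies, changed IP-to-MAC bindings, one MAC claiming several IPs."""
    bindings, claimed, pending, alerts = {}, defaultdict(set), set(), []
    for payload in payloads:
        oper, smac, sip, tip = parse_arp(payload)
        if oper == REQUEST:
            pending.add((sip, tip))        # sip asked "who has tip?"
        elif (tip, sip) in pending:
            pending.discard((tip, sip))    # reply answers an open request
        else:
            alerts.append(("unsolicited-reply", sip, smac))
        if bindings.setdefault(sip, smac) != smac:   # first-seen MAC is the baseline
            alerts.append(("binding-changed", sip, smac))
        claimed[smac].add(sip)
        if len(claimed[smac]) > 1:
            alerts.append(("mac-claims-multiple-ips", sip, smac))
    return alerts

# Constructed sample: IPs are the lab addresses from the slides, MACs are made up.
V1, V2, MITM = "00:0c:29:aa:aa:28", "00:0c:29:bb:bb:38", "00:0c:29:cc:cc:35"
SAMPLE = [
    build_arp(REQUEST, V2, "192.168.2.138", "00:00:00:00:00:00", "192.168.2.128"),
    build_arp(REPLY, V1, "192.168.2.128", V2, "192.168.2.138"),
    build_arp(REPLY, MITM, "192.168.2.138", V1, "192.168.2.128"),  # forged
    build_arp(REPLY, MITM, "192.168.2.128", V2, "192.168.2.138"),  # forged
]
print(*detect(SAMPLE), sep="\n")
```

Gratuitous ARP, DHCP reassignment and failover pairs can trigger the same alerts legitimately, so treat them as leads to correlate rather than proof of spoofing.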