Downloaded 14 times
Uploaded byShritesh Bhattarai
Bettercap
This document discusses man-in-the-middle attacks using ARP spoofing. It explains how ARP works and its vulnerabilities, such as a lack of authentication. It then describes how an attacker can send spoofed ARP messages to trick other clients on the network into updating their ARP mappings and sending traffic to the attacker instead of the intended destination. The document recommends defenses like static ARP entries, physical security, and encryption to help prevent man-in-the-middle attacks. It also notes that while technology can help, humans and slow adoption of security practices contribute to ongoing issues.
![Carlos García - Pentesting Active Directory Forests [rooted2019]](https://cdn.slidesharecdn.com/ss_thumbnails/carlosgarcia-rooted2019-pentestingactivedirectoryforests-public-190403185357-thumbnail.jpg?width=640&height=640&fit=bounds)
Bettercap
- 1. MAN INTHE MIDDLEATTACKS @shritesh TennesseeTech CyberEagles Club
- 2. ARP • Address ResolutionProtocol • RFC 826 (1982) • “IP Address to MAC Address for Ethernet” • Request <=> Reply • Response is cached
- 3. ARP - PROBLEMS •Entries are simple mappings • Stateless • No authentication • Ethernet stack depends heavily on ARP
- 4. ARP SPOOFING • Clientin a network sends spoofed ARP messages • Other clients update their ARP mappings • Traffic is sent to the malicious client Wikipedia: 0x55534C
- 5. MITM ATTACK WITHETTERCAP TennesseeTech CyberEagles Club April 29
- 7. ENTER: BETTERCAP • Writtenin Ruby // Opinionated • Works on *nix • Easy and intuitive • Extendible • Batteries Included • Actively Developed
- 8. BETTERCAP • Network Discovery •ARP Poisoning • Credential Sniffer • Proxy • Reset
- 9. DEMOTIME • Simulate ‘casual’network • WAN connection with Router
- 10. DEFENSES • Static ARP* •Physical Security • ArpON,ARPDefender, … • Encryption: HTTPS (HSTS),TLS, …
- 11. BIGGER PICTURE • Securityis difficult • Technology adoption is slow • Humans >Technical Flaws
- 12.