-
7/28/2019 Mitm Presentation
1/18
Man in the Middle Attack
Group-5
BC 39742 Capt Zayar Hlaing
BC 44436 Capt Thant Zin Soe
BC 45309 Capt Ohn Myat Soe
1
-
7/28/2019 Mitm Presentation
2/18
Introduction In most of LAN configurations, all communications
go through a gateway
(e.g. the router-switch). This means each connection between
within the
LAN is first sent to the gateway, then the gateway forwards it
to the proper
device. Thats why most of MITM attack is between a gateway and a
device
in the LAN.
MITM works by establishing connections to victim machines and
relaying
messages between them. In cases like these, one victim believes
it is
communicating directly with another victim, when in reality
the
communication flows through the host performing the attack. The
end result
is that the attacking host can not only intercept sensitive
data, but can also
inject and manipulate a data stream to gain further control of
its victims.
2
-
7/28/2019 Mitm Presentation
3/18
Definition of MITMA man-in-the-middle (MITM) attack is a form of
eavesdropping where
communication between two users is monitored and modified by
an
unauthorized party. Generally, the attacker actively eavesdrops
by
intercepting a public key message exchange and retransmits the
message
while replacing the requested key with his own.
In the process, the two original parties appear to
communicate
normally. The message sender does not recognize that the
receiver is an
unknown attacker trying to access or modify the message
before
retransmitting to the receiver. Thus, the attacker controls the
entire
communication.
3
-
7/28/2019 Mitm Presentation
4/18
Simple Flows of MITMA MITM is an active eavesdropping attack
where, in a communication
between two devices A and B, the attacker deceive A by
pretending he is B.
This means wheneverA wants to send a message to be, it actually
sent it to
the attacker who read the message then forward it to B in order
to make the
communication still working. The attacker can read all the
content of the
communication including mails, images and passwords.
4
-
7/28/2019 Mitm Presentation
5/18
Fiddler (MITM Proxy) Configuration
-
7/28/2019 Mitm Presentation
6/18
-
7/28/2019 Mitm Presentation
7/18
Fiddler (MITM Proxy) Configuration
-
7/28/2019 Mitm Presentation
8/18
Fiddler (MITM Proxy) Configuration
-
7/28/2019 Mitm Presentation
9/18
Fiddler (MITM Proxy) Configuration
-
7/28/2019 Mitm Presentation
10/1810
MITM Pen-test with Kali Linux
-
7/28/2019 Mitm Presentation
11/18
-
7/28/2019 Mitm Presentation
12/18
-
7/28/2019 Mitm Presentation
13/18
Type: echo 1 > /proc/sys/net/ipv4/ip_forward this will make
this value1.
13
-
7/28/2019 Mitm Presentation
14/18
-
7/28/2019 Mitm Presentation
15/18
root@kali :~#iptables-save
-
7/28/2019 Mitm Presentation
16/18
-
7/28/2019 Mitm Presentation
17/18
en, Fiddler can capture and Decode user name and passwords.
-
7/28/2019 Mitm Presentation
18/18
ConclusionA MITM is an active eavesdropping attack where, in a
communication
between two devices A and B, the attacker deceive A by
pretending he is B.
This means wheneverA wants to send a message to be, it actually
sent it to
the attacker who read the message then forward it to B in order
to make the
communication still working. The attacker can read all the
content of the
communication including mails, images and passwords.
18
