man in the middle attack

Man In The Middle Attack

NIIT University, NeemranaSeptember 11, 2014Anshuman Mishra

Rahul JainAbhishek

Tibrewala

2

Agenda

Introduction

Key Concept

Interactions Susceptible to MITM Attack Different Attacks in Different Scenarios:

Tools Used

Types of MITM Attack

3

Agenda

Introduction

Key Concept

Interactions Susceptible to MITM Attack Different Attacks in Different Scenarios:

Tools Used

Types of MITM Attack

IntroductionA Man-in-the-Middle attack is a type of cyber attack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. A Man-in-the-Middle Attack allows a malicious actor to intercept, send, and receive data meant for someone else, or not meant to be sent at all, without either outside party knowing until it is too late. Man-in-the-Middle attacks can be abbreviated in many ways including, MITM, MitM, MiM, or MIM.

5

Agenda

Introduction

Key Concept

Interactions Susceptible to MITM Attack Different Attacks in Different Scenarios:

Tools Used

Types of MITM Attack

Key ConceptMan-in-the-Middle is a type of eavesdropping attack that occurs when a malicious actor inserts himself as a relay/proxy into a communication session between people or systems.

A MITM attack exploits the real time processing of transactions, conversations, or transfer of other data.

A Man-in-the-Middle attack allows an attacker to intercept, send, and receive data never meant to be for them without either outside party knowing until it is too late.

Example:(1/2)

Example: Continue…(2/2)

9

Agenda

Introduction

Key Concept

Interactions Susceptible to MITM Attack Different Attacks in Different Scenarios:

Tools Used

Types of MITM Attack

Interactions Susceptible to MITM AttackFinancial sites – between login and authenticationConnections meant to be secured by public or private keysOther sites that require logins – where there is something to be gained by having access

11

Agenda

Introduction

Key Concept

Interactions Susceptible to MITM Attack Different Attacks in Different Scenarios:

Tools Used

Types of MITM Attack

Different Attacks in Different Scenarios:

LAN LOCAL TO REMOTE

ARP Poisoning ARP Poisoning

DNS Spoofing DNS Spoofing

STP Mangling DHCP Spoofing

Port Stealing ICMP Redirection

  IRDP Spoofing

Route Mangling

REMOTE  

DNS Poisoning WIRELESS

Traffic Tunneling  

Route Mangling Access Point Reassociation

13

Agenda

Introduction

Key Concept

Interactions Susceptible to MITM Attack Different Attacks in Different Scenarios:

Tools Used

Types of MITM Attack

Types of MITM AttackInjectionKey ManipulationDowngrade AttackFiltering

Examples: Key Manipulation

Examples: Filtering

Examples: ARP Poisoning

18

Agenda

Introduction

Key Concept

Interactions Susceptible to MITM Attack Different Attacks in Different Scenarios:

Tools Used

Types of MITM Attack

Tools UsedCain and AbelWiresharkKali LinuxEttercap

SSL StripVM Ware

USB WI-FI Adapter

20

Thank you