MITM Attack

MITM Attack

In this post you are going to learn, what is MITM attack, examples, phases, preventions & tools to perform MITM Attack.

What is MITM Attack - A man-in-the-middle or person-in-the-middle (PITM) is a type of cyberattack where an attacker places himself between two users or computers and tries to intercept the data or alters the data or steals the data and forwards it to the sender/receiver.
One more form of MITM is MITB i.e. man-in-the-browser where in, an attacker places a bot in the browser to steal the details of the users and then sends it to an attacker.

Example - There are two users - A, B & there is an attacker in between them. User A asks user B to send public key of user B so that user A can encrypt the message and send it to the user B. User B sends it's public key to user A, since an attacker is in between them he gets the public key of user B and sends it's own public key to the user A.

User A thinks the public key he received is of user B so he sends the encrypted message to user B using an attacker's public key. Now an attacker receives the message before it reaches to the user B and decrypts the message using it's own public key and either he steals the message or alters the message and after reading the message he encrypts the message using user B's public key and forwards it to B.

None of them is aware about the violation of privacy occurring between their conversation. Hence successful MITM takes place in this manner.



 
Phases - 

MITM consists of two phases - Interception & Decryption.

Interception -  Here an attacker sniffs the data, captures the data, intercepts the data for its own purpose.

Methods to do interception - 

  • IP Spoofing
  • ARP Poisoning
  • DNS Poisoning

Decryption - Since data transmission takes place in an encrypted form, the data needs to be decrypted without alerting user or application.

Methods to do decryption -

  • HTTP Poisoning
  • SSL Hijacking
  • SSL Stripping
  • SSL Beast

Prevention - 

1. Keeping an eye on browser's protocol whether it is secured or not secured.
2. Not connecting to the WIFI having no password protection.
3. Not using public networks while transmission of sensitive information.
4. Paying attention to browser's notifications.


Tools - 

1. Ettercap
2. DSniff
3. PacketCreator


Learn : DNS







 

Comments

Post a Comment

Popular

Ethical hacking terminologies

Image
Ethical Hacking Terminologies  Following is the list of terms that are frequently used in the field of ethical hacking . If you are not aware of these terms then it would be difficult for you to understand the concept of ethical hacking properly. Thus knowing this will ease your process of going further in this domain. Vulnerability -  A weakness, flaw or loophole in a system, network or any device that can be exploited. Threat -  A danger that can exploit an existing bug or vulnerability to compromise the security of a network system. Attack - An action that is done to extract a sensitive data by getting unauthorized access of a system. Phishing - A process where an attacker creates fake website or url which looks like a legit page but it's to trap the user to get sensitive data. Backdoor -  A hidden entry point which can bypass the authentication process i.e logins and passwords also known as trapdoor. Brute
Read more

OSI model

Image
OSI model OSI model is an acronym for Open Systems Interconnection is used to define how data is transferred from one system to another system in a computer network. Now you may ask how a network is formed? If two computers are connected to each other with LAN cables, connectors and Network Interface Card forms a network. Since the designing and infrastructure won't be similar of two computers the OSI model was introduced by ISO(International Organization for Standardization) in 1984 for a successful communication between computers or networks. OSI model consists of  7 different layers 1. Application layer 2. Presentation layer 3. Session layer 4. Transport layer 5. Network layer 6. Data link layer 7. Physical layer Now I'm going to give a mnemonic to remember the OSI model Please-Do-Not-Throw-Sausage-Pizza-Away, easy right? Application layer - Application layer does not include applications like chrome, firefox instead it incl
Read more

Phases of ethical hacking

Image
Phases of Ethical Hacking  In order to be successful in hacking, a hacker needs to follow some steps or you can say phases which involves 5 crucial stages which helps hackers to make a structured ethical hacking attack. Reconnaissance : This is the first phase of hacking   where an attacker gathers as much information as possible. It is also called as footprinting or information gathering. Information that we collect is divided in three groups - network, host, people. There are two types of reconnaissance  - Active & Passive. Active - Direct communication is involved to gather information about the target. Information can be regarding an individual or an organization so anytime if somebody is taking too much interest on you or your background - Be alert! Tools used to scan a network can be Nmap , Hping , etc Passive - Here indirect communication takes place. Information can be gathered using social media websites or public websites. Scanning :  Here an
Read more