Man-In-The-Middle attack (MITM)

We have seen a lot of people talking about the Man-In-The-Middle attack. For those who don't know about it, here's a short article on it.

What is MITM?

Let's start with an example. An attacker puts up a fake bank website and entices a user to that website. The user types in his password, and the attacker in turn uses it to access the bank's real website. Done right, the user will never realize that he isn't at the bank's website. Then the attacker either disconnects the user and makes any fraudulent transactions he wants, or passes along the user's banking transactions while making his own transactions at the same time.

Here's what Wikipedia says: "In cryptography, the man-in-the-middle attack (often abbreviated MITM), or bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by the attacker.

The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle)."

A Man-in-the-middle attack can only be successful when the attacker can impersonate each endpoint to the satisfaction of the other. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, SSL authenticates the server using a mutually trusted certification authority.

Techniques:

Various defenses against MITM attacks use authentication techniques that are based on:

Public key infrastructures

Stronger mutual authentication

Secret keys (high information entropy secrets)

Passwords (low information entropy secrets)

Other criteria, such as voice recognition or other biometrics

Off-the-Record Messaging for instant messaging

Off-channel verification

Carry-forward verification

The integrity of public keys must generally be assured in some manner, but need not be secret. Passwords and shared secret keys have the additional secrecy requirement. Public keys can be verified by a Certificate Authority, whose public key is distributed through a secure channel (for example, with a web browser or OS installation). Public keys can also be verified by a web of trust that distributes public keys through a secure channel (for example, by face-to-face meetings).

Man-In-The-middle in action:


Tools For Hacking:

dsniff - A tool for SSH and SSL MITM attacks

Cain - A Windows GUI tool which can perform MITM attacks, along with sniffing and ARP poisoning

Ettercap - A tool for LAN based MITM attacks

Karma - A tool that uses 802.11 Evil Twin attacks to perform MITM attacks

AirJack - A tool that demonstrates 802.11 based MITM attacks

wsniff - A tool for 802.11 HTTP/HTTPS based MITM attacks

An additional card reader and a method to intercept key-presses on an Automated teller machine

The MITM attack can also be carried out over an HTTPS connection using the same technique; the only difference is that two independent SSL sessions are established, one over each TCP connection. The browser sets up an SSL connection with the attacker, and the attacker establishes another SSL connection with the web server. In general the browser warns the user that the digital certificate used is not valid, but the user may ignore the warning because he doesn't understand the threat. In some specific contexts the warning may not appear, for example when the server certificate is compromised by the attacker, or when the attacker's certificate is signed by a trusted CA and its CN is the same as that of the original website.
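The last case above, where the browser shows no warning because the substituted certificate chains to a trusted CA, is what carry-forward verification is meant to catch. The following is an added example, not code from the original article: a client that keeps CA and hostname validation switched on and also remembers the certificate fingerprint it saw for each host. The names `PinStore`, `connect_checked` and `bank.example`, and the sample byte strings, are assumptions made for illustration.

```python
import hashlib
import hmac
import socket
import ssl


def strict_context() -> ssl.SSLContext:
    """CA-based endpoint authentication: chain and hostname must both verify."""
    ctx = ssl.create_default_context()      # CERT_REQUIRED and check_hostname on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER-encoded leaf certificate."""
    return hashlib.sha256(der_cert).hexdigest()


class PinStore:
    """Carry-forward verification: remember the certificate seen for each host."""

    def __init__(self, pins=None):
        self.pins = dict(pins or {})        # host -> hex fingerprint

    def check(self, host: str, der_cert: bytes) -> str:
        seen = fingerprint(der_cert)
        known = self.pins.get(host)
        if known is None:
            self.pins[host] = seen          # first contact: nothing to compare
            return "first-use"
        if hmac.compare_digest(known, seen):
            return "match"
        return "mismatch"                   # stored pin is kept, not overwritten


def connect_checked(host: str, store: PinStore, port: int = 443) -> str:
    """Handshake with CA and hostname validation, then apply the pin check."""
    with socket.create_connection((host, port), timeout=10) as raw:
        with strict_context().wrap_socket(raw, server_hostname=host) as tls:
            verdict = store.check(host, tls.getpeercert(binary_form=True))
    if verdict == "mismatch":
        raise ssl.SSLError(f"certificate for {host} changed since last seen")
    return verdict


# Constructed stand-ins for two DER certificates (not real certificates).
SAMPLE_REAL = b"constructed-der-bytes: bank.example, issued to the bank"
SAMPLE_OTHER = b"constructed-der-bytes: bank.example, issued to someone else"
```

A legitimate certificate renewal also produces a mismatch, so a changed fingerprint should be confirmed through off-channel verification before the stored pin is replaced.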

Enjoy.......
