Beautynetkorea

Saturday, October 17, 2009

Man-In-The-Middle attack (MITM)

 ana05 | October 17, 2009 | Hacking

Many times a question may arise in your mind:

What is MITM?

It is hard to understand in the abstract, so let's take an example.

An attacker puts up a fake bank website and entices a user to that website. The user types in his password, and the attacker in turn uses it to access the bank's real website. Done right, the user will never realize that he isn't at the bank's website. Then the attacker either disconnects the user and makes any fraudulent transactions he wants, or passes along the user's banking transactions while making his own transactions at the same time.

 

Here is what Wikipedia says about MITM:

In cryptography, the man-in-the-middle attack (often abbreviated MITM), or bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).

A Man-in-the-middle attack can only be successful when the attacker can impersonate each endpoint to the satisfaction of the other. Most cryptographic protocols include some form of endpoint authentication specifically to prevent MITM attacks. For example, SSL authenticates the server using a mutually trusted certification authority.

 


MITM Techniques

Various defenses against MITM attacks use authentication techniques that are based on:

  • Public key infrastructures
  • Stronger mutual authentication
  • Secret keys (high information entropy secrets)
  • Passwords (low information entropy secrets)
  • Other criteria, such as voice recognition or other biometrics
  • Off-the-Record Messaging for instant messaging
  • Off-channel verification
  • Carry-forward verification

The integrity of public keys must generally be assured in some manner, but they need not be secret. Passwords and shared secret keys have the additional secrecy requirement. Public keys can be verified by a Certificate Authority, whose public key is distributed through a secure channel (for example, with a web browser or OS installation). Public keys can also be verified by a web of trust that distributes public keys through a secure channel (for example, by face-to-face meetings).

 

See key agreement for a classification of protocols that use various forms of keys and passwords to prevent man-in-the-middle attacks.

MITM Tools For Hacking

  • dsniff - A tool for SSH and SSL MITM attacks
  • Cain - A Windows GUI tool which can perform MITM attacks, along with sniffing and ARP poisoning
  • Ettercap - A tool for LAN based MITM attacks
  • Karma - A tool that uses 802.11 Evil Twin attacks to perform MITM attacks
  • AirJack - A tool that demonstrates 802.11 based MITM attacks
  • wsniff - A tool for 802.11 HTTP/HTTPS based MITM attacks
  • an additional card reader and a method to intercept key-presses on an Automated teller machine

 

 

The MITM attack can also be carried out over an HTTPS connection using the same technique; the only difference is that two independent SSL sessions are established, one over each TCP connection. The browser sets up an SSL connection with the attacker, and the attacker establishes another SSL connection with the web server. In general the browser warns the user that the digital certificate used is not valid, but the user may ignore the warning because he doesn't understand the threat. In some specific contexts the warning may not appear at all, for example when the server certificate is compromised by the attacker, or when the attacker's certificate is signed by a trusted CA and its CN is the same as that of the original web site.
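The case above where no warning appears is what the off-channel and carry-forward verification from the defenses list are meant to catch. The following Python sketch is an added example, not part of the original post: it remembers a certificate fingerprint per host and flags any later change. The names PinStore, fingerprint and fetch_leaf_cert, the host bank.example and the two byte strings are assumptions constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as hex."""
    return hashlib.sha256(der_cert).hexdigest()


class PinStore:
    """Carry-forward verification: remember the certificate seen first and
    compare every later connection against it."""

    def __init__(self, pins=None):
        # host -> fingerprint; ideally pre-loaded with values obtained off-channel
        self.pins = dict(pins or {})

    def check(self, host: str, der_cert: bytes) -> str:
        seen = fingerprint(der_cert)
        known = self.pins.get(host)
        if known is None:
            self.pins[host] = seen  # first use: nothing to compare against yet
            return "first-use"
        # A mismatch never overwrites the stored pin.
        return "match" if hmac.compare_digest(known, seen) else "MISMATCH"


def fetch_leaf_cert(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    """Return the server's leaf certificate (DER) after normal CA and
    hostname validation; the pin is an extra check, not a replacement."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


# Constructed stand-ins for DER certificates (not real certificates).
GENUINE_CERT = b"constructed-der: CN=bank.example, key=A"
INTERPOSED_CERT = b"constructed-der: CN=bank.example, key=B"  # same CN, other key


def demo():
    """Three connections to one host: first sight, same cert, changed cert."""
    store = PinStore()
    certs = (GENUINE_CERT, GENUINE_CERT, INTERPOSED_CERT)
    return [store.check("bank.example", c) for c in certs]
```

A mismatch can also mean a legitimate certificate renewal, so a changed fingerprint should be confirmed through a separate channel before the stored pin is updated.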

MITM is not only an attack technique; it is also commonly used during the development of a web application and for web vulnerability assessments.
