MITM: Difference between revisions

From charlesreid1
No edit summary
Line 1: Line 1:
Man in the Middle attacks can happen on wired networks, or on wireless networks.
For more on man in the middle attacks on wired networks, see [[Man in the Middle/Wired]]
For more on man in the middle attacks on wireless networks, see [[Man in the Middle/Wireless]]
=What It Is=
=What It Is=


Line 13: Line 20:
3. Building a bridge between the two connections so that traffic can continue to pass between the two parties and be observed/modified.
3. Building a bridge between the two connections so that traffic can continue to pass between the two parties and be observed/modified.


=Wired Network=
Man-in-the-middle attacks on a wired network are explained on the [[Man in the Middle/Wired]] page.
=Wireless Network=
A wireless network man-in-the-middle attack can be conducted a couple of different ways.
==ARP Cache Poisoning==
More on the [[ARP Poisoning]] page.
On a wireless router, ARP cache poisoning is only possible if the wireless router device itself has a physical switch built into it (i.e., multiple ethernet ports). If there is a single ethernet port or no ethernet ports, ARP cache poisoning will not work on that wireless router.
==Network Tap: Evil Twin Access Point==
The analogy of a physical tap, for a wireless network, is the Evil Twin access point attack. This creates a fake access point with the same information as the authentic access point. In this way, the target Sheep will connect to your device, rather than to the network device. Just as with a physical network tap, where the target device is physically connected to your network tap, with the Evil Twin access point the target device is wirelessly connected to your network tap.
This can be tricky to pull off, or even know when the Sheep is connected to your fake access point, as signal strength, distance, and scatter are important factors that are constantly shifting.
The [[Evil Twin]] page describes the configuration for the attack (but only half). This describes how a fake access point is created, and how a Sheep is tricked into connecting to the fake access point.


The [[Man in the Middle/Evil Twin]] page describes more details about the other half of the attack, namely, connecting to the network, and creating an interface to sniff traffic.


=Notes=
=Notes=
Line 50: Line 34:
===2015-08-25===
===2015-08-25===


Backing up a step.
Eliminating the complexity that wireless signals introduce, and backing up a step to attempt a man in the middle attack on a wired network.
 
Man in the middle experiments on a wired network.


[[Man in the Middle/Wired/ARP Poisoning]] - ARP poisoning attack was successful. Learned a lot about what the target of an attack will see, and what they won't see.




Revision as of 16:44, 29 August 2015

Man in the Middle attacks can happen on wired networks, or on wireless networks.

For more on man in the middle attacks on wired networks, see Man in the Middle/Wired

For more on man in the middle attacks on wireless networks, see Man in the Middle/Wireless


What It Is

A man-in-the-middle attack is a general concept from encryption. It consists of two parties, Alice and Bob, trying to have an encrypted conversation. However, it is foiled by an attacker, Eve, who gets in the middle. This means that Alice and Eve communicate with one encryption key, while Bob and Eve communicate with another key.

The Key Pieces

Any man in the middle attack on a computer network must have three key pieces:

1. Tricking the router/network device/destination into thinking they are connected to the Sheep, when they are really connected to the Attacker

2. Tricking the Sheep into thinking they are really connected to their router/network device/destination, when they are really connected to the Attacker

3. Building a bridge between the two connections so that traffic can continue to pass between the two parties and be observed/modified.


Notes

Evil Twin Attack

2015-08-24

Man in the Middle/Evil Twin

I've built an Evil Twin, gotten the sheep to connect, built a working bridge from the sheep to the internet, and sniffed the traffic with tcpdump. However, Wireshark and Ettercap both failed to recognize the bridge or see traffic on it, and I'm not sure what to do with it.

2015-08-25

Eliminating the complexity that wireless signals introduce, and backing up a step to attempt a man in the middle attack on a wired network.

Man in the Middle/Wired/ARP Poisoning - ARP poisoning attack was successful. Learned a lot about what the target of an attack will see, and what they won't see.





Defcon.png
aircrack-ng
a suite of tools for wireless cracking.


Aircrack  · Category:Aircrack


aircrack-ng

Many Ways to Crack a Wifi: Cracking Wifi

Aircrack Benchmarking: Aircrack/Benchmarking

WEP Attacks with Aircrack: Aircrack/WEP Cracking

WPA Attacks with Aircrack: Aircrack/WPA Cracking

Aircrack Hardware: Aircrack/Packet Injection Testing

Harvesting Wireless Network Information


airodump-ng

Basic Usage of Airodump


Category:Security  · Category:Wireless  · Category:Passwords


Flags  · Template:AircrackFlag  · e



Retrieved from "https://charlesreid1.com/w/index.php?title=MITM&oldid=8513"