What is Man in the middle attack?
Man in the middle attack often abbreviated MITM is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.
The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances.(for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).
It is also known as bucket brigade attack, Janus attack and is sometimes known as fire brigade attacks. The term derives from the bucket brigade method of putting out a fire by handing buckets of water from one person to another between a water source and the fire.
In a man in the middle attack, the intruder uses a program that appears to be the server to the client and appears to be the client to the server. The attack may be used simply to gain access to the message, or enable the attacker to modify the message before retransmitting it.
MITM Attack tools
There are several tools to realize a MITM attack. These tools are particularly efficient in LAN network environments, because they implement extra functionalities, like the Arp spoof capabilities that permit the interception of communication between hosts.
- Packet Creator
- Ettercap
- Dsniff
- Cain e Abel
MITM Proxy only tools
Proxy tools only permit interaction with the parts of the HTTP protocol, like the header and the body of a transaction, but do not have the capability to intercept the TCP connection between client and server. To intercept the communication, it’s necessary to use other network attack tools or configure the browser.
- OWASP Web Scarab
- Paros Proxy
- Burp Proxy
- Proxy Fuzz
No comments:
Post a Comment