Man in the Middle

Data that travels over the air and how to protect (or decipher) it

Man in the Middle

Post by d000m on Sat Jul 13, 2013 3:31 am
([msg=76434]see Man in the Middle[/msg])

Hello guys i am working on MITM attack and could do that on virtual machines well i want to ask that is there any way can i can use it outside the network?Like on some webserver and grab the traffic of each user?
d000m
New User
New User
 
Posts: 4
Joined: Sat Jul 13, 2013 3:28 am
Blog: View Blog (0)


Re: Man in the Middle

Post by -Ninjex- on Sat Jul 13, 2013 4:09 am
([msg=76435]see Re: Man in the Middle[/msg])

Yes, basically you as the attacker would split the original connection into 2 new connections, one between the client and yourself and the other between yourself and the server. Once the connection is intercepted, you begin to act as a proxy, being able to read, insert and modify the data in the intercepted communication.
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1172
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: Man in the Middle

Post by d000m on Sat Jul 13, 2013 4:38 am
([msg=76436]see Re: Man in the Middle[/msg])

thanks and can you point me some papers where i could study more on it in detail
d000m
New User
New User
 
Posts: 4
Joined: Sat Jul 13, 2013 3:28 am
Blog: View Blog (0)


Re: Man in the Middle

Post by 0phidian on Sat Jul 13, 2013 10:58 am
([msg=76438]see Re: Man in the Middle[/msg])

d000m wrote:thanks and can you point me some papers where i could study more on it in detail


https://www.youtube.com/watch?v=gNhyjPxuy5w&feature=c4-overview&playnext=1&list=TLxLTIiyEgZqE
User avatar
0phidian
Poster
Poster
 
Posts: 257
Joined: Sat Jun 16, 2012 7:04 pm
Blog: View Blog (0)


Re: Man in the Middle

Post by d000m on Sat Jul 13, 2013 12:37 pm
([msg=76440]see Re: Man in the Middle[/msg])

Thanks alot

0phidian wrote:
d000m wrote:thanks and can you point me some papers where i could study more on it in detail


https://www.youtube.com/watch?v=gNhyjPxuy5w&feature=c4-overview&playnext=1&list=TLxLTIiyEgZqE


-- Sat Jul 13, 2013 3:57 pm --

well that helped alot in understanding the whole process going on but i still cant figure out how can i do that attack outside the network focusing on one webserver and all the traffic that comes to that server e.g

www.abcsite.com

all the traffic that comes to that site i intercept that and sniff it.
d000m
New User
New User
 
Posts: 4
Joined: Sat Jul 13, 2013 3:28 am
Blog: View Blog (0)


Re: Man in the Middle

Post by mShred on Sun Jul 14, 2013 10:30 am
([msg=76446]see Re: Man in the Middle[/msg])

Well that's actually a multistep process. To be able to sniff traffic on a server other than your own, you'd have to gain access to that server or the network of the victim. Also keep in mind that it's a little different in regards to network traffic and processing server requests.
You could gain access to the network of an individual (which may require an MITM attack in itself) then run your MITM on them. Or you could try to gain access to the server and sorting through logs. But both can be pretty complicated.
Image

For those about to rock.
User avatar
mShred
Administrator
Administrator
 
Posts: 1687
Joined: Tue Jun 22, 2010 4:22 pm
Blog: View Blog (2)


Re: Man in the Middle

Post by d000m on Sun Jul 14, 2013 1:20 pm
([msg=76458]see Re: Man in the Middle[/msg])

ahan so to hack a webserver i shud check the ports and try to break in through that?
d000m
New User
New User
 
Posts: 4
Joined: Sat Jul 13, 2013 3:28 am
Blog: View Blog (0)


Re: Man in the Middle

Post by Indigo111 on Fri Mar 07, 2014 9:00 pm
([msg=79773]see Re: Man in the Middle[/msg])

You need to "poison" the ARP replies/requests from the victim; They "poisoning" will redirect/intercept their connection to the server through you. But before you can do MITM attacks, you need to intercept their ARP requests/replies.
Indigo111
New User
New User
 
Posts: 1
Joined: Tue Jul 23, 2013 11:47 pm
Blog: View Blog (0)


Re: Man in the Middle

Post by Goatboy on Sat Mar 08, 2014 7:05 pm
([msg=79780]see Re: Man in the Middle[/msg])

Last post is 8 months ago. Let it die.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2788
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)



Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests