Hello Dear THT Members,
What is the man-in-the-middle (Mitm) attack on you in this position? We will answer the question.
MITM (Man In The Middle) is the oldest type of cyber attack. As it is evident from the name, it is an attack made by listening to the communication between two parties (the main purpose of intercepting the data through the connection between computers and switch, router, modem and s network devices. you can not only listen to the communication but also make all kinds of changes, you can disconnect between the two parties, you can create misleading communication.)
For example, you can see that your victim makes a transfer while making a bank transaction. You can change the account number and the money sent and control the flow of money.
ON WIRELESS NETWORKS, PACKETS ARE BROADCAST AND YOU CAN EASILY CAPTURE THEM WITHOUT ADDITIONAL PROCESSING.
So how does this Nahlet Breakout Attack take place? Let me put it this way:
I will give you an example with real life for all of us to understand. Mesella Will Send a Letter to Your Lover Reaches the Postman (The Postman Is Aggressive Here) The Postman reads the mail in Transit and makes changes and delivers it to the address. AND now the AGGRESSOR (OUR MAILER) has access to the information there This can be any information Contact information or something or something like that can make changes to the letter you wrote and ruin your relationship with your lover. It's a very bad situation. In the end, the postman here is a cyber hacker and is acting illegally. (Do Not Trust Every Mail
)
Let's Take a Look at MITM Attack Methods:
Stealing Browser Cookies:
These are the data that the website stores in your computer. As an Example: When we enter a site we write our information and it is stored in this browser (with our own permission) and the information is automatically written the next time we enter the site. Of course, Cyber Hackers can intercept browser traffic and get their password, address, etc.
SSL Hijacking:
SSL is a vulnerability protocol that allows the creation of a healing connection between our browser and the website. In order to try to see if a website is original, you can check the name of the site (Company Site) by clicking the lock on the address bar of the browser while on the Site.
SSL stripping is of the MITM type, appears to have a secure connection between the sender and the receiver, and this is misleading. The Cyber Pirate controls the session. Our Cyber Pirate delivers an unencrypted version of the application and website to the user through interception.
ARP Spoofing
This is the type of attack. Attackers attack the ARP (communication protocol) of the computer they have caught their eye with malicious software and poison the ARP. It then forces ARP packets to send data to the attacker's device. And it generates a large number of mandatory ARP requests. When a user sends a request, the attacker pretends to be a device, sending a fake response. Even if the attacks are successful, we are in control of the communication between the computer and the network device, just as in the case of the postman. The attacker takes full control. It then provides access to the data and important passwords in the Target person's computer, which is the Purpose of the Person in Between Attack, not content with reading the letters.
STP Mangling:
It blocks the STP Protocol and repeatedly sends a request for topology change.
Traffic Tunneling:
It is one of the types of attacks that helps Wixstra to tunnel and place itself in the internal network.
Attack Types: ICMP Redirection, IRDP Spoofing, Route Mangling, DHCP Spoofing, DNS Poisoning, Route Mangling
In the Next Topic, we will examine the methods of protection and the types of attacks written above. Happy Birthday Tht Members
Video Source:
How to Use Bettercap ? Man-in-the-Middle Attack (MITM)
Translator: @ByFelez
Subject Author: @Wixstra
Subject: https://www.turkhackteam.org/konular/ortadaki-adam-mitm-saldirisi-nedir.2016833/
