Ethical Experts

 SSL Man In the Middle Attack

The Joker


Post subject: SSL Man In the Middle Attack | Mon Sep 03, 2012 6:44 am

In this post we will have a look at how Man In The Middle (MITM) attacks can be performed over SSL and TLS encrypted data transfer. The attack uses SSL strip, developed by Moxie Marlinspike, with an ARP spoofing tool and a packet sniffer. The attack can be exclusively performed from UNIX and Linux based platforms, hence I suggest you use Dsniff. Practically, SSL strip was developed to demonstrate how an attacker can lead visitors to visit his/her site from a legitimate site. The attack used the misinterpretation of null characters vulnerability which existed in several certificates during 2009.

I think it's not good to demonstrate how the attack can be performed, since Moxie Marlinspike has already provided a nice tutorial on his own website with a video.

Click this link to have a look at the tutorial.

Here we are going to discuss the scene behind the attack, meaning why this attack is possible. The following figure demonstrates what happens when your data gets encrypted before it reaches its destination.

As you can see, first of all your data goes to the CA authorities (SSL provider) for verification and then the actual key exchange takes place; the scenario remains as it is even in a LAN. Therefore, if an attacker manages to fake out as a CA authority, it can sniff the encrypted connection.

How does the attacker manage to fake out as an authority?

1. First, the attacker needs all traffic in the network to pass through his/her system.
2. So he/she performs an ARP poisoning attack. (For more info on ARP poisoning, read the Packet Sniffer section.)
3. Now he/she installs SSL strip on his/her system with respect to the access point of the network.
4. By doing so, the attacker manages to act as the CA authority for all traffic that will pass through his/her system.

What goes on behind the scenes?
When the victim tries to connect to a remote system using an SSL connection, it asks for trust from a CA authority, and when it asks the authority for trust, SSL strip (which is installed on the attacker's system) manages to reply with a positive response. SSL strip grants permission for the connection using a null-termination certificate, and it guarantees the attacker that the connection will just appear as HTTPS but all data transfer will be done using HTTP. Note that the connection would be HTTPS but work as HTTP, since the null certificate does not provide any security, and the attacker will be successful in sniffing packets from the SSL connection.

The best countermeasure I can suggest against this kind of attack is installing anti-sniffing and ARP spoofing detection tools. And for clients in a LAN: never ever trust any connection that you would be making from your LAN network.

Do NOT PM me until you are DONATING or your upgrade hasn't been completed even after you have purchased it.
If it is one of the above, you can either choose to PM or mail me.
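
The ARP spoofing detection recommended as a countermeasure in the post above comes down to watching for inconsistent IP-to-MAC mappings. The following is an added example, not part of the original post: it compares two snapshots in the Linux `/proc/net/arp` format and reports a changed gateway MAC and a single MAC answering for several IPs. The addresses, the snapshots and the function names `parse_arp` and `find_anomalies` are constructed for illustration.

```python
"""Flag ARP-cache signs of poisoning across two /proc/net/arp snapshots."""
from collections import defaultdict

# Constructed sample data (not captured from a real network).
BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:11:22:33:44:01     *        eth0
192.168.1.23     0x1         0x2         00:11:22:33:44:17     *        eth0
192.168.1.40     0x1         0x0         00:00:00:00:00:00     *        eth0
"""
AFTER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:11:22:33:44:17     *        eth0
192.168.1.23     0x1         0x2         00:11:22:33:44:17     *        eth0
"""

def parse_arp(text):
    """Return {ip: mac} for complete entries (ATF_COM flag 0x2 set)."""
    table = {}
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, flags, mac = fields[0], int(fields[2], 16), fields[3].lower()
        if flags & 0x2 and mac != "00:00:00:00:00:00":
            table[ip] = mac
    return table

def find_anomalies(before, after, gateway):
    """Compare two parsed tables and return a list of (kind, detail) findings."""
    findings = []
    # 1. An IP whose MAC changed between snapshots (typical poisoning symptom).
    for ip, mac in sorted(after.items()):
        old = before.get(ip)
        if old and old != mac:
            kind = "gateway-mac-changed" if ip == gateway else "mac-changed"
            findings.append((kind, f"{ip}: {old} -> {mac}"))
    # 2. One MAC answering for several IPs, e.g. a host also claiming the gateway.
    owners = defaultdict(list)
    for ip, mac in after.items():
        owners[mac].append(ip)
    for mac, ips in sorted(owners.items()):
        if len(ips) > 1:
            findings.append(("duplicate-mac", f"{mac} claims {', '.join(sorted(ips))}"))
    return findings

if __name__ == "__main__":
    for kind, detail in find_anomalies(parse_arp(BEFORE), parse_arp(AFTER), "192.168.1.1"):
        print(f"[{kind}] {detail}")
```

A duplicate MAC can also be legitimate (proxy ARP, a router with several addresses), so treat that finding as a prompt to investigate; a changed gateway MAC is the stronger signal.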