MITM attack on SSL posting from non-SSL pages

I understand how this post represents the theoretical possibility of an attacker manipulating non-SSL forms in the path to the victim; can anyone state how this manipulation can take place IRL? A step-by-step example, including the required set of tools, would be ideal.

+4
3 answers

Yes, it is possible to run a MITM against SSL posting. Here's how it works.

  • First you need to carry out an ARP poisoning attack against the target machine [victim] and make sure that traffic from this target machine passes through yours. Some time ago I wrote about this here. You can use dsniff for this.

  • Set up sslstrip on your computer. I will also blog about this someday.

  • What sslstrip does is replace every “https” with “http”, so the connection between the target machine and you will be in clear text and you can see what comes from the target machine.

  • sslstrip creates an SSL connection to the destination server.

Thanks...

+7
  • The browser loads the form using HTTP.
  • The form is modified in transit by an attacker who changes the HTTPS submission address to a custom URL.
  • After the user submits the form, an HTTPS connection will be established to the server.
  • Since the attacker changed the URL, the user will try to connect to the attacker.
  • The attacker's server will send a certificate for authentication.
  • Typically, the browser will not trust the certificate, and the browser will warn you.
  • The user must click the "Cancel" button, otherwise the data will be sent to the attacker.

There is another case.

  • An attacker has a certificate signed by a trusted authority.
  • At this point, the browser will not warn the user, and the attacker will receive the form data.

Whether this attack succeeds depends, IMO, on how "educated" the user is.
+2
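The answer above hinges on one condition: the form is delivered over plain HTTP but posts to HTTPS, so the action attribute travels unprotected and can be rewritten before any TLS connection exists. As an added defensive check, not code from this thread, the following Python script audits a page's forms for exactly that condition; the page URL and HTML are constructed sample input.

```python
"""Audit an HTML page for form-submission paths that an on-path attacker
could downgrade or redirect (added defensive check, not code from the thread)."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.actions = []

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            # A form with no action posts back to the page's own URL.
            self.actions.append(dict(attrs).get("action") or "")


def audit_forms(page_url, html):
    """Return one finding per form: resolved action URL plus the risk, or None."""
    collector = _FormCollector()
    collector.feed(html)
    page_scheme = urlsplit(page_url).scheme
    findings = []
    for action in collector.actions:
        target = urljoin(page_url, action)
        if urlsplit(target).scheme != "https":
            risk = "submits over plain HTTP: form data is readable on the wire"
        elif page_scheme != "https":
            # The thread's scenario: the HTTPS target is only as trustworthy
            # as the HTTP page that carried it, so the action can be rewritten.
            risk = "page delivered over HTTP: action can be rewritten in transit"
        else:
            risk = None
        findings.append({"action": target, "risk": risk})
    return findings


# Constructed sample: a login form served over HTTP that posts to HTTPS,
# next to a search form that posts over HTTP.
SAMPLE_HTML = (
    '<form action="https://example.com/login" method="post">'
    '<input name="user"><input name="pass" type="password"></form>'
    '<form action="/search"><input name="q"></form>'
)

if __name__ == "__main__":
    for finding in audit_forms("http://example.com/", SAMPLE_HTML):
        print(finding["action"], "->", finding["risk"] or "ok")
```

The fix the audit points at is the one the thread implies: serve the page that carries the form over HTTPS as well, so there is no cleartext hop in which the action can be changed.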

Yes, an MITM attack is possible. But in this case, the user will receive a warning that the certificate cannot be verified for a reputable site.

Here is a tutorial on how to do this:

http://resources.infosecinstitute.com/mitm-using-sslstrip/

+1