Penetration Test - Select Your Attacks(5)

Man in the middle exploits

ADDITIONAL NETWORK EXPLOITS
  • Man-in-the-middle
    • Family of attacks where the attack intercepts messages between a sender and receiver
    • Attack may modify, regenerate, or forward intercepted messages

Penetration Test - Select Your Attacks(5)

Penetration Test - Select Your Attacks(5)

MAN-IN-THE-MIDDLE EXPLOITS
  • ARP spoofing
    • Similar to DNS poisoning, but with local MAC address
  • Pass the hash
    • Attacker intercepts an NTLM hash (user credential) and reuses it to appear as an authenticated user to Windows
  • Replay
  • Relay
  • SSL(Secure Sockets Layer) stripping
  • Downgrade
  • DoS(Denial of Service)/stress test
  • NAC(Network Access Control) bypass
  • VLAN (Virtual Local Area Network) hopping
QUICK REVIEW
  • MITM attacker intercepts all traffic between sender and receiver
  • May be part of an attack chain
  • Multiple MITM possibilities, including ARP spoofing, pass the hash, replay attack
  • Useful to bypass normal network security controls

Penetration Test - Select Your Attacks(5)

上一篇:批量部署前端Node.js守护forever


下一篇:kubernetes快速入门17-Helm