DefCon 2012 - Subterfuge - Automated MITM Attacks
11
Christopher M. Shields r00t0v3rr1d3 Ma1hew M. Toussain 0sm0s1z
-
Upload
michael-smith -
Category
Technology
-
view
120 -
download
2
description
Transcript of DefCon 2012 - Subterfuge - Automated MITM Attacks
Christopher M. Shields r00t0v3rr1d3
Ma1hew M. Toussain
0sm0s1z
Chris – Custom Attack Tools and Project Management
Matt – Interface Design and Framework Development
Basic ARP Poison
Heavy Network Traffic
Periods of MITM Loss
Python Tool With Scapy
Intelligent Network
Poison
Dynamic Poison Retention
Ø HTTPS Downgrade Attack Ø Use as a Web Proxy Ø Customizations for Subterfuge
A New MITM Tool –
Ø Intuitive Interface Ø Easy to use Ø Silent and Stealthy Ø Open Source
Ø Server/Client Architecture Ø MITM Utilities Ø Module Builder Ø Configuration Options
Ø Credential Harvesting Ø HTTP Code Injection Ø Denial of Service Ø Network View
? ? ?