Man In The Middle
Man In The Middle Definition:
The term “Man In The Middle” (MiTM) refers to a network layer attack vector used to capture credentials, session tokens and other sensitive information that an attacker could leverage to gain unauthorized access to systems and data.
The underlying concept of a man in the middle attack is quite simple. An attacker places themselves directly in the communication stream between a victim machine and its default gateway (usually a router or switch). This can be accomplished physically, by placing a small device such as a “Drop Box” between the victim and the gateway, or virtually, by sending spoofed Address Resolution Protocol (ARP) broadcasts to the victim and gateway, causing them to update their ARP tables to point to the attacker’s machine.
With either method, all traffic flowing to and from the victim machine must first route through the attacker, hence the name “man in the middle”. This allows the attacker to take control of, or capture, any sensitive information being sent and received.
Man In The Middle Tools
Name | Description |
---|---|
Ettercap | A feature-rich suite of MiTM tools |
Burp Suite | An interception proxy and web testing framework |
ARP Spoof | A command-line tool for ARP poisoning |
Scapy | A Python library used for packet manipulation |