Man In The Middle

Man In The Middle

Man In The Middle Definition:

The term “Man In The Middle” (MiTM) refers to a network layer attack vector used to capture credentials, session tokens and other sensitive information that an attacker could leverage to gain unauthorized access to systems and data.

The underlying concept of a man in the middle attack is quite simple.  An attacker places themselves directly in between the communication stream of a victim machine and their default gateway (usually a router or switch).  This can be accomplished physically by placing a small device such as a “Drop Box” in between the victim and the gateway.  Or virtually by sending spoofed Address Resolution Protocol (ARP) broadcasts to the victim and gateway causing them to update their ARP tables to point to the attacker’s machine.

In either method all traffic flowing to and from the victim machine must first route through the attacker, hence the name “man in the middle”. This allows them to take control of or capture any sensitive information being sent and received.

Man In The Middle Tools

Name Description
Ettercap A feature-rich suite of MiTM tools
Burp Suite An interception proxy and web testing framework
ARP Spoof A command-line tool for ARP poisoning
Scapy A Python library used for packet manipulation

Man In The Middle Example

Leave a Reply

Your email address will not be published. Required fields are marked *

Share This

Recent Posts

Latest Course

Penetration Testing

Categories

Metasploit

Web Application Hacking


Copyright 2018

css.php

Want To Be a Better Pentester

Join our mailing list and recieve FREE pentest tips, tricks, product reviews, news, article release notifications and more!

Thank you, now go check your email!!