Man-in-the-Middle Attack
http://it.toolbox.com/wiki/index.php/Man-in-the-Middle_Attack
updated Dec 8, 2008 1:24 am
A man-in-the-middle attack is one in which an attacker inserts itself into an existing connection to intercept the data being exchanged and to inject false information. It involves eavesdropping on a connection, intruding into it, intercepting messages, and selectively modifying data.
Contents
- 1 DEFINITION
- 1.1 MEMO
- 1.2 Other Definitions
- 1.2.1 Wikipedia [2]
- 1.2.2 Javvin Technologies [3]
- 1.2.3 Melani [4]
- 2 OVERVIEW
- 3 SCENARIOS
- 3.1 Public Key Exchanging
- 3.2 Command Injection
- 3.3 Malicious Code Injection
- 3.4 Downgrade Attacks - SSH V2 to V1
- 3.5 Downgrade Attacks - IPSEC Failure
- 3.6 Downgrade Attacks - PPTP
- 4 MITM TECHNIQUES [6]
- 4.1 Local Area Network
- 4.2 From Local To Remote (through a gateway)
- 4.3 Remote
- 5 TOOLS
- 5.1 Ettercap [7]
- 5.2 Dsniff [8]
- 5.3 Yersinia [19]
- 6 FOLLOW-UP: RISK SHEET
- 7 REFERENCE
- 8 SEE ALSO
- 9 RELATED LINKS
- 9.1 Articles
- 9.2 Blog Entries
- 9.3 Forum Discussions
- 9.4 PowerPoint Stuff
- 9.5 Video Demo
DEFINITION

The term "man-in-the-middle attack" (MITM attack) refers to an attack in which the attacker inserts itself into the communication between two endpoints on a network, intercepting the data transferred between them and injecting false information.
MEMO
- MITM attack is also known as:
- Bucket-brigade attack
- Fire brigade attack
- Monkey-in-the-middle attack
- Session hijacking, TCP hijacking, TCP session hijacking (strictly speaking these name an attack that a MITM position makes possible, but the terms are often used interchangeably)
- Name origin: The name "man-in-the-middle" comes from the children's ball game (monkey in the middle) in which two players try to pass a ball to each other while a player between them tries to seize it. MITM attacks are sometimes called "bucket brigade attacks" or "fire brigade attacks", after the fire-brigade practice of putting out a fire by passing buckets from person to person between the water source and the fire. [1]
Other Definitions

Wikipedia [2]
In cryptography, the man-in-the-middle attack or bucket-brigade attack (often abbreviated MITM), sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by the attacker.

Javvin Technologies [3]
Man-in-the-Middle Attack (MITM) is a type of attack where a user gets between the sender and receiver of information and sniffs any information being sent.

Melani [4]
Attacks in which the attacker infiltrates unnoticed the communication channel between two partners and is thereby able to spy on or even modify their data exchanges.

OVERVIEW

Man-in-the-middle attacks are often referred to as "session hijacking attacks", which reflects that the intruder commonly aims to take over a legitimate user's session and tamper with it. The attack usually starts with sniffing and eavesdropping on a network stream and ends with altering, forging or rerouting the intercepted data.

MITM attacks are a classic threat to public-key cryptosystems. When public keys are exchanged without any means of verifying whom they belong to, the attacker can replace each intercepted public key with a key of their own; the victims then believe they are communicating securely with each other while every message actually passes through the attacker. [1]

A common MITM scenario involves an attacker who has inserted themselves into the communication between a client and a server. The attacker relays (and, where useful, alters) messages in both directions so that each side sees the responses it expects and believes the connection is intact. Technically, the attacker runs a program that looks like the server to the client and like the client to the server.

The client/server scenario can be illustrated as follows:

             Request                          Request
  Client  ------------->   MITM attacker   ------------->  Server
          <-------------   (decrypt, read   <-------------
             Response       or alter,         Response
                            re-encrypt)

In a MITM attack, the attacker gets between two target endpoints and proxies all communication between them. Once in that position, further attacks include sniffing the passing packets, hijacking already authenticated sessions, injecting packets or commands towards the server, and sending forged responses to the victim client.

MITM attacks target sensitive and valuable information and are frequently used to intercept both HTTP and HTTPS traffic. To succeed, the attacker must first redirect the victim's traffic to the attacker's proxy instead of the real server, typically with one of the spoofing techniques listed under MITM TECHNIQUES below. For HTTPS the attacker must additionally present a certificate that is not the real server's, so a client that properly validates certificates (and a user who heeds certificate warnings) will notice the interception.

One objective of a MITM attack is to read the client's messages and modify them before forwarding them to the server. Others are to mislead the communicating parties at either end, to harvest information (identity, address, password or any other confidential data) for malicious purposes and, at times, to manipulate transactions.

SCENARIOS

Public Key Exchanging

MITM attacks are a common risk to web-based financial transaction systems, e.g., e-business websites, payment gateways, and online banking, insurance and credit-card servicing platforms, where they may lead to identity theft and financial fraud.

In such a scenario, a MITM attacker intercepts the public keys exchanged by the client and the server and substitutes keys of their own. To avoid arousing suspicion on either side, the attacker must also intercept every encrypted message and response, decrypt it with the attacker's own private key and re-encrypt it with the recipient's genuine public key, for every segment of the communication. Although this sounds laborious, the tools listed below automate it, and it is a real risk on untrusted networks (e.g., the Internet and wireless networks). [5] The attack works because a bare public key carries nothing that ties it to its owner; the countermeasure is to authenticate the exchanged keys, for example with certificates, fingerprints verified out of band, or a pre-shared secret.

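The key-substitution scenario above, worked through as an added example (this is not code from the original page or from any of the cited authors). It uses an unauthenticated Diffie-Hellman exchange with toy group parameters, constructed for the example only, and the party names Alice, Bob and Mallory are assumed. The first part shows Mallory ending up with one session key shared with Alice and another shared with Bob, and relaying a message between them; the second part shows that authenticating the exchanged public values (here with an HMAC under a pre-shared key, which stands in for a certificate or an out-of-band fingerprint check) makes the substitution fail.

```python
"""Unauthenticated Diffie-Hellman exchange with a man in the middle.

Without authentication of the exchanged public values, Mallory replaces each
party's value with her own, ends up with one session key shared with Alice and
another shared with Bob, and can decrypt, read or alter, and re-encrypt every
message in between. With the public values authenticated (here by an HMAC under
a pre-shared key; a certificate or an out-of-band fingerprint check plays the
same role in practice) the substitution is detected and the exchange aborts.
"""
import hashlib
import hmac
import secrets

# Toy group parameters, constructed for this example only. A real deployment
# uses a standardised group with a proper generator.
P = 2**127 - 1
G = 5


class Party:
    def __init__(self, name, auth_key=None):
        self.name = name
        self.auth_key = auth_key                  # pre-shared verification key, if any
        self.priv = secrets.randbelow(P - 2) + 1  # private exponent in [1, P-2]
        self.pub = pow(G, self.priv, P)

    def _tag(self, value):
        return hmac.new(self.auth_key, str(value).encode(), hashlib.sha256).digest()

    def key_share(self):
        """What goes on the wire: the public value and, if authenticated, its MAC."""
        tag = self._tag(self.pub) if self.auth_key is not None else None
        return self.pub, tag

    def derive(self, peer_pub, peer_tag=None):
        """Verify the peer's share (when authenticated) and derive the session key."""
        if self.auth_key is not None:
            if peer_tag is None or not hmac.compare_digest(self._tag(peer_pub), peer_tag):
                raise ValueError(f"{self.name}: peer key share failed authentication")
        shared = pow(peer_pub, self.priv, P)
        return hashlib.sha256(str(shared).encode()).digest()


def exchange(alice, bob, mallory=None):
    """Run the exchange. With mallory present she substitutes her own public
    value in both directions, which is exactly the attack described above.

    Returns (alice_key, bob_key, mallory_keys). mallory_keys is None for an
    honest exchange, otherwise (key shared with Alice, key shared with Bob).
    """
    a_pub, a_tag = alice.key_share()
    b_pub, b_tag = bob.key_share()
    if mallory is None:
        return alice.derive(b_pub, b_tag), bob.derive(a_pub, a_tag), None
    m_pub, m_tag = mallory.key_share()
    alice_key = alice.derive(m_pub, m_tag)   # Alice thinks this came from Bob
    bob_key = bob.derive(m_pub, m_tag)       # Bob thinks this came from Alice
    return alice_key, bob_key, (mallory.derive(a_pub), mallory.derive(b_pub))


def xor_stream(data, key):
    """Toy repeating-key XOR standing in for a real cipher (illustration only)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def relay(mallory_keys, ciphertext_from_alice):
    """Mallory's per-message work: strip Alice's layer, tamper, re-protect for Bob."""
    k_alice, k_bob = mallory_keys
    plaintext = xor_stream(ciphertext_from_alice, k_alice)
    tampered = plaintext.replace(b"amount=100", b"amount=900")
    return xor_stream(tampered, k_bob)


if __name__ == "__main__":
    alice, bob, mallory = Party("alice"), Party("bob"), Party("mallory")
    k_a, k_b, m_keys = exchange(alice, bob, mallory)
    print("Alice and Bob hold the same key:", k_a == k_b)
    bob_reads = xor_stream(relay(m_keys, xor_stream(b"transfer amount=100 to=bob", k_a)), k_b)
    print("Bob decrypts:", bob_reads)

    psk = b"verified out of band"
    try:
        exchange(Party("alice", psk), Party("bob", psk), Party("mallory"))
    except ValueError as e:
        print("authenticated exchange:", e)
```

The point to take from the authenticated variant is that the protection has to cover the public values themselves; encrypting the later traffic with an unauthenticated key changes nothing, since Mallory holds both session keys.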
Command Injection

Command injection in the MITM sense (an older use of the term than the web-application vulnerability of the same name [14]) means that the attacker, having hijacked an already authenticated session, injects their own commands into the stream towards the server and returns fabricated replies to the client so that the victim does not notice. [6]

Malicious Code Injection

MITM attackers can insert code into e-mail messages, SQL statements and web pages (i.e., SQL injection, HTML/script injection or cross-site scripting) and can even modify binary files while they are being downloaded, to implant a backdoor on the victim client or to change what the downloaded program does. [6] Integrity protection of downloads (signed packages, or hashes obtained over a separately authenticated channel) is the relevant countermeasure.

Downgrade Attacks - SSH V2 to V1

Alberto Ornaghi and Marco Valleri observe that a MITM attacker can change the parameters exchanged between the target endpoints (e.g., server and client) at the start of their connection. [6] According to their presentation at Blackhat Conference Europe 2003, the attacker can "force the client to initialize a SSH1 connection instead of SSH2" with a filter that rewrites the server's identification string: a server that supports both versions announces "SSH-1.99-...", and the filter replaces "1.99" with "1.51" so that the client believes the server speaks only SSH-1. Ornaghi and Valleri classify such attacks as "parameters and banners substitution". [15]

NOTE

- Downgrade Attacks - SSH V2 to V1: The term "downgrade attack" here refers to an attack that forces the victims to use less secure features, functions or protocols which are still supported for backward-compatibility reasons. Downgrade attacks may target SSH (Secure Shell), IPsec (Internet Protocol Security) and PPTP (Point-to-Point Tunneling Protocol).
- The SSH protocol is an encrypted network protocol that provides, among other things, remote command-line access. SSH V1 (i.e., SSH version 1, also known as "SSH-1" and "SSH1") has known cryptographic weaknesses that let an attacker read or tamper with data that should be protected. SSH V2 improved on it with, e.g., Diffie-Hellman key exchange and integrity checking via message authentication codes. Although SSH V2 is preferred by most hosts, SSH V1 was long kept enabled for backward compatibility. In the downgrade scenario above, a MITM attacker forces the client and the server onto the vulnerable SSH V1 protocol before encryption starts. [16] The practical defence is to disable SSH-1 on both client and server (in OpenSSH, "Protocol 2" in ssh_config and sshd_config; recent OpenSSH releases have removed SSH-1 support altogether) and to verify the server's host key fingerprint rather than accept it blindly.
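The banner substitution described above, worked through as an added example (not code from the original page, from Ettercap, or from Ornaghi and Valleri). It assumes only the identification-string format of the SSH version exchange ("SSH-protoversion-softwareversion", where "1.99" from a server means it speaks both protocol 1 and 2) and a client policy flag standing in for OpenSSH's "Protocol 2" setting; the software-version strings are constructed.

```python
"""SSH version-exchange banner substitution and the client's downgrade decision.

The first line each side sends on an SSH connection is an identification
string. A server that speaks both protocol 1 and 2 announces "SSH-1.99-...",
and a client that understands 2.0 then chooses protocol 2. An attacker in the
path only has to rewrite that one line so the client believes the server is
SSH-1-only; whether the downgrade succeeds depends on the client's own policy.
"""
import re

BANNER_RE = re.compile(rb"^SSH-(?P<proto>[0-9]+\.[0-9]+)-(?P<soft>[^\s\r\n]+)")


def parse_banner(banner):
    """Return (protocol version, software version) from an identification string."""
    m = BANNER_RE.match(banner)
    if not m:
        raise ValueError("not an SSH identification string")
    return m.group("proto").decode(), m.group("soft").decode()


def downgrade_filter(server_banner):
    """The in-path rewrite: make a dual-protocol server look SSH-1-only."""
    return server_banner.replace(b"SSH-1.99-", b"SSH-1.51-", 1)


def client_select(server_banner, allow_protocol1):
    """Protocol version a client will speak, following the version-exchange
    rules: "2.0" or "1.99" from the server means protocol 2 is available."""
    proto, _ = parse_banner(server_banner)
    if proto in ("2.0", "1.99"):
        return 2
    if proto.startswith("1."):
        if allow_protocol1:
            return 1                     # the downgrade succeeds
        raise ConnectionError("server offers only SSH-1; refusing (Protocol 2 policy)")
    raise ValueError(f"unknown protocol version {proto}")


def simulate(server_banner, attacker_in_path, allow_protocol1):
    """Protocol version the client ends up using for the given setup."""
    seen = downgrade_filter(server_banner) if attacker_in_path else server_banner
    return client_select(seen, allow_protocol1)


if __name__ == "__main__":
    banner = b"SSH-1.99-OpenSSH_3.9p1\r\n"          # constructed dual-protocol server
    print("no attacker, permissive client :", simulate(banner, False, True))
    print("attacker, permissive client    :", simulate(banner, True, True))
    try:
        simulate(banner, True, False)
    except ConnectionError as e:
        print("attacker, Protocol 2 client    :", e)
```

Note that the filter has nothing to rewrite when the server announces "SSH-2.0-..." only; the attack depends on both sides still offering the legacy version, which is why removing SSH-1 from the server matters as much as the client policy.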
Downgrade Attacks - IPSEC Failure

A MITM attacker can block the IKE key-exchange traffic on UDP port 500 (ISAKMP), so that each side concludes that the peer is unable to set up IPsec. If the victim host is configured to fall back to cleartext when IPsec negotiation fails ("rollback mode"), traffic then flows unencrypted without anyone noticing. [15] The countermeasure is to configure IPsec to fail closed: require protection rather than permit a cleartext fallback.

Downgrade Attacks - PPTP

During the protocol negotiation phase at the beginning of a PPTP session, a MITM attacker can force the victims to use the weaker PAP authentication, to fall back from MS-CHAP v2 to MS-CHAP v1, or even to use no encryption at all.

Attackers can also force a re-negotiation by injecting a cleartext Terminate-Ack packet, then capture passwords from the re-established tunnel and repeat the attacks above.

Attackers can force a "password change" exchange to obtain password hashes that a modified SMB or PPTP client can use directly, without cracking them. MS-CHAP v1 hashes can likewise be forced.

NOTE

- PPTP: PPTP (Point-to-Point Tunneling Protocol) is a protocol for implementing VPNs. Microsoft MS-CHAP v2 or EAP-TLS is used to authenticate PPTP connections. EAP-TLS (Extensible Authentication Protocol - Transport Layer Security) is certificate based and is therefore the safer option for PPTP authentication than MS-CHAP v2. [17]

MITM TECHNIQUES [6]

The techniques used for MITM attacks can be grouped by the network position from which the attacker operates:
- Local Area Network
- From Local To Remote (through a gateway)
- Remote
Local Area Network

- ARP spoofing
- Briefing: ARP (Address Resolution Protocol) spoofing is also known as "ARP poisoning" or ARP poison routing. Because ARP has no authentication, any host on a segment can send forged ARP replies that pair the victim's IP address (or the gateway's) with the attacker's MAC address. Hosts that accept them corrupt their ARP caches and deliver the victim's traffic to the attacker, who can sniff the frames, modify them and forward them to the real destination, effectively taking over the victim's IP address on the LAN. Static ARP entries, dynamic ARP inspection on switches and monitors such as arpwatch are the usual countermeasures.
- Tools used:
- ARPoison is a UNIX command-line tool that creates spoofed ARP packets.
- Ettercap can be used for filtering, hijacking, poisoning and sniffing, including SSH v1 sniffing (transparent attack).
- Dsniff can be used for poisoning and sniffing, including SSH v1 sniffing (proxy attack).
- Parasite is a daemon that watches a LAN for ARP requests and automatically sends spoofed ARP replies.
- DNS spoofing
- Briefing: The attacker sniffs the 16-bit transaction ID (and source port) of a victim's DNS query and sends a forged reply carrying that ID before the real DNS server's reply arrives; the resolver accepts the first matching answer and discards the later genuine one.
- Tools used:
- ADM DNS spoofing tools can spoof DNS packets via various active and passive methods.
- Ettercap (plugin needed: phantom plugin)
- Dsniff (dnsspoof)
- Zodiac can be used for DNS name server versioning, DNS local spoofing (answering DNS queries before the remote name server), DNS jizz spoofing, and DNS ID spoofing.
- IP address spoofing
- Briefing: The attacker creates IP packets with a forged source IP address in order to conceal the identity of the sender or to impersonate another system. Used against a remote system this is difficult, because the attacker must forge and correctly sequence thousands of packets without seeing the replies; it is most effective where trust relationships based purely on source address exist between endpoints.
- Tools used:
- Hping can prepare spoofed IP datagrams with a one-line command, and the attacker can send them to almost any target.
- Spoofed IP
- Port stealing
- Briefing: "Port stealing" is a MITM technique that poisons the switch's forwarding database (FDB) to usurp the victim host's switch port, so that traffic can be sniffed on a Layer 2 switched network. The attacker floods the switch with forged ARP packets whose source MAC address is the victim's and whose destination MAC address is the attacker's own; because of that destination address, other hosts on the network never see these packets. As the victim is sending frames at the same time, the switch sees the same source MAC address arriving on two different ports and keeps re-binding that address to whichever port it last saw it on. If the attacker's packets arrive faster, the switch delivers to the attacker the frames intended for the victim. The attacker sniffs the received frame, stops flooding, sends an ARP request for the victim's IP address and, once the victim's ARP reply has restored the correct binding, forwards the "stolen" frame to the victim. Flooding then resumes for the next cycle. [18]
- Tools used:
- Ettercap (plugin needed: Confusion plugin)
- STP mangling
- Briefing: STP (Spanning Tree Protocol) mangling is the technique of getting the attacker's host elected as the new root bridge of the spanning tree. The attacker either forges BPDUs (Bridge Protocol Data Units) advertising a better (numerically lower) bridge priority than the current root, or sends STP Configuration/Topology Change BPDUs, until the host is elected root. As the root bridge, the attacker sits on the path of most of the traffic in the Layer 2 domain and can intercept it. Switch features such as BPDU guard and root guard on access ports prevent end hosts from taking part in this election.
- Tools used:
- Ettercap (plugin needed: Lamia plugin)
- Yersinia
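The ARP spoofing item above, worked through from both sides as an added example (not code from the original page or from any of the tools listed). The first half builds the raw Ethernet/ARP frames a poisoning tool sends; the second half is an arpwatch-style monitor that records the MAC first seen for each IP address and alerts when a later ARP packet claims a different one, or when the ARP sender MAC does not match the Ethernet source MAC (a sign of a crafted frame). All MAC and IP addresses are constructed for the example; the monitor logic is my own, not that of any particular tool.

```python
"""ARP poisoning frames and an arpwatch-style IP-to-MAC binding monitor."""
import struct
from ipaddress import IPv4Address

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
_ETH = "!6s6sH"             # dst MAC, src MAC, EtherType
_ARP = "!HHBBH6s4s6s4s"     # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def build_arp(oper, sha, spa, tha, tpa, eth_src=None):
    """Ethernet frame carrying an ARP packet. For a poisoning reply, sha is the
    attacker's MAC and spa the IP address the attacker wants to impersonate."""
    eth = struct.pack(_ETH, mac_bytes(tha), mac_bytes(eth_src or sha), ETH_P_ARP)
    arp = struct.pack(_ARP, 1, 0x0800, 6, 4, oper,
                      mac_bytes(sha), IPv4Address(spa).packed,
                      mac_bytes(tha), IPv4Address(tpa).packed)
    return eth + arp


def parse_arp(frame):
    """ARP fields of a frame, or None if it is not IPv4-over-Ethernet ARP."""
    if len(frame) < 42:
        return None
    _, src, etype = struct.unpack_from(_ETH, frame, 0)
    if etype != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack_from(_ARP, frame, 14)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"oper": oper, "sha": mac_str(sha), "spa": str(IPv4Address(spa)),
            "tha": mac_str(tha), "tpa": str(IPv4Address(tpa)), "eth_src": mac_str(src)}


class ArpWatch:
    """Track the IP-to-MAC bindings seen in ARP traffic and flag changes."""

    def __init__(self):
        self.bindings = {}      # ip -> mac first seen for it
        self.alerts = []        # (kind, ip, old_mac, new_mac)

    def observe(self, frame):
        p = parse_arp(frame)
        if p is None:
            return None
        if p["sha"] != p["eth_src"]:            # crafted frame: headers disagree
            self.alerts.append(("header-mismatch", p["spa"], p["eth_src"], p["sha"]))
        known = self.bindings.setdefault(p["spa"], p["sha"])
        if known != p["sha"]:                   # someone else now claims this IP
            self.alerts.append(("changed-binding", p["spa"], known, p["sha"]))
        return p


if __name__ == "__main__":
    # Constructed scenario: the real gateway answers, then the attacker poisons.
    watch = ArpWatch()
    watch.observe(build_arp(ARP_REPLY, "00:11:22:33:44:55", "192.168.1.1",
                            "aa:bb:cc:dd:ee:01", "192.168.1.10"))
    watch.observe(build_arp(ARP_REPLY, "de:ad:be:ef:00:01", "192.168.1.1",
                            "aa:bb:cc:dd:ee:01", "192.168.1.10"))
    for alert in watch.alerts:
        print(alert)
```

A binding change is not proof of an attack (a host replaced by one with a new NIC, or a DHCP address handed to a different machine, looks the same), so in practice the alert is correlated with the DHCP lease table or an inventory; a frame whose ARP and Ethernet source addresses disagree, however, is almost always crafted.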

From Local To Remote (through a gateway)
- ARP poisoning
- DNS spoofing
- DHCP spoofing (i.e., spoofing the DHCP server): a rogue DHCP server answers the victim's lease request before the legitimate one and hands out the attacker's address as default gateway or DNS server, so that the victim's outbound traffic or name resolution passes through the attacker.
- Gateway spoofing (usually, spoofing the default gateway)
- ICMP redirection: forged ICMP Redirect messages that tell the victim to route a destination via the attacker
- IRDP spoofing: forged ICMP Router Discovery advertisements that make the attacker the victim's router (route mangling)

Remote

- DNS (cache) poisoning
- Route mangling (e.g., BGP prefix hijacking; see "Stealing The Internet" under Related Links)
- Traffic tunneling

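The DNS spoofing item under Local Area Network and the DNS poisoning item above share one mechanism, worked through here as an added example (not code from the original page or from dnsspoof, Zodiac or the ADM tools). It assumes only the DNS wire format: a stub resolver sends a query with a 16-bit transaction ID and accepts the first response whose ID and question match, so whoever answers first with the right ID wins. The resolver below does that minimal matching and additionally flags the tell-tale of a race, a second, different answer to a query it has already accepted. The name and the addresses are constructed (documentation ranges).

```python
"""DNS ID spoofing: forging a matching response, and a resolver-side check."""
import struct
from ipaddress import IPv4Address

QR = 0x8000                     # "this is a response" flag in the DNS header


def encode_name(name):
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"


def decode_name(data, off):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels = []
    while True:
        length = data[off]
        if length == 0:
            return ".".join(labels), off + 1
        if length & 0xC0 == 0xC0:                       # compression pointer
            ptr = struct.unpack_from("!H", data, off)[0] & 0x3FFF
            tail, _ = decode_name(data, ptr)
            labels.append(tail)
            return ".".join(labels), off + 2
        labels.append(data[off + 1:off + 1 + length].decode())
        off += 1 + length


def build_query(txid, name):
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)     # RD=1, one question
    return header + encode_name(name) + struct.pack("!HH", 1, 1)   # type A, class IN


def build_response(query, ip, ttl=3600):
    """A response to `query` answering with `ip`. The legitimate server and the
    spoofer build the same thing; only the address and the timing differ."""
    txid = struct.unpack_from("!H", query, 0)[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)     # QR, RD, RA
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, ttl, 4) + IPv4Address(ip).packed
    return header + query[12:] + answer                           # echo the question


def parse(packet):
    txid, flags, _, an, _, _ = struct.unpack_from("!HHHHHH", packet, 0)
    qname, off = decode_name(packet, 12)
    qtype, _ = struct.unpack_from("!HH", packet, off)
    off += 4
    answers = []
    for _ in range(an):
        aname, off = decode_name(packet, off)
        atype, _, ttl, rdlen = struct.unpack_from("!HHIH", packet, off)
        off += 10
        rdata = packet[off:off + rdlen]
        off += rdlen
        if atype == 1 and rdlen == 4:
            rdata = str(IPv4Address(rdata))
        answers.append((aname, atype, ttl, rdata))
    return {"id": txid, "flags": flags, "qname": qname, "qtype": qtype, "answers": answers}


class StubResolver:
    """Outstanding-query table plus the ID/question match a resolver performs."""

    def __init__(self):
        self.pending = {}       # txid -> qname awaiting an answer
        self.answered = {}      # txid -> answers already accepted
        self.alerts = []        # (qname, accepted answers, conflicting answers)

    def send(self, txid, name):
        self.pending[txid] = name
        return build_query(txid, name)

    def receive(self, packet):
        r = parse(packet)
        if not r["flags"] & QR or self.pending.get(r["id"]) != r["qname"]:
            return None                                  # no matching query: drop
        if r["id"] in self.answered:                     # late second answer
            if self.answered[r["id"]] != r["answers"]:
                self.alerts.append((r["qname"], self.answered[r["id"]], r["answers"]))
            return None
        self.answered[r["id"]] = r["answers"]
        return r["answers"]


if __name__ == "__main__":
    resolver = StubResolver()
    query = resolver.send(0x1234, "bank.example")
    # The attacker saw the query (or guessed the ID) and answers first.
    print("accepted:", resolver.receive(build_response(query, "203.0.113.7")))
    # The genuine reply arrives a moment later and is discarded.
    print("genuine :", resolver.receive(build_response(query, "198.51.100.5")))
    print("alerts  :", resolver.alerts)
```

On a LAN the attacker reads the ID off the wire, so the 16-bit ID alone is no defence; off-LAN the attacker must guess it, which is why resolvers randomise both the ID and the source port. Logging late conflicting answers, as above, is a cheap way to notice that a race is being run against a resolver.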
TOOLS

The following tools are commonly used for launching, detecting or testing MITM attacks.

Ettercap [7]

- Tool Name: Ettercap
- Current Version: NG-0.7.3 (Release Date: May 29, 2005)
- Developer: Alberto Ornaghi, Marco Valleri
- Platform/OS:
- FreeBSD 4.x 5.x;
- Linux 2.0.x, 2.2.x, 2.4.x, 2.6.x;
- Microsoft Windows 2000/XP/2003;
- NetBSD 1.5;
- OpenBSD 2.[789], 3.x;
- OS X (darwin 6.x, 7.x);
- Solaris 2.x.
- Commercial or Freeware: Freeware
- URL: ettercap.sourceforge.net
- Briefing: Ettercap is a multipurpose attack suite for switched LAN environments. As a LAN-based sniffer, interceptor and logger, its main features are sniffing of live connections and content filtering on the fly. It supports active and passive dissection of many protocols (including encrypted ones) and includes functions for network and host analysis. Ettercap can launch a MITM attack via ARP poisoning or port stealing.

Dsniff [8]

- Tool Name: Dsniff
- Current Version: 2.3 (Release Date: December 19, 2000)
- Developer: Dug Song
- Platform/OS:
- OpenBSD (i386);
- Redhat Linux (i386);
- Solaris (sparc).
- Commercial or Freeware: Freeware
- URL: www.monkey.org/~dugsong/dsniff
- Briefing: Dsniff is described as a tool suite for network auditing and penetration testing, but an attacker can use it for SSL MITM attacks. Its components dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy passively monitor a network for sensitive data (e-mail, files and passwords). Its components arpspoof, dnsspoof and macof let the attacker intercept traffic that would normally be unavailable to them (e.g., on a switched LAN). Its components sshmitm and webmitm implement active man-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI, i.e., clients that accept an unverified host key or certificate.

Yersinia [19]

- Tool Name: Yersinia
- Current Version: 0.7.1 (Release Date: May 8, 2007)
- Developer: Alfredo Andrés Omella (Slay), David Barroso Berrueta (tomac)
- Platform/OS:
- Linux 2.4.x and 2.6.x;
- Mac OSX 10.4 Tiger (Intel);
- OpenBSD 3.4 (note: upgrade your pcap libraries to at least 0.7.2);
- Solaris 5.8 64bits SPARC.
- Commercial or Freeware: Freeware
- URL: www.yersinia.net
- Briefing: Yersinia takes its name from the bacterium Yersinia pestis. It exploits weaknesses in the following network protocols: STP, CDP, DTP, DHCP, HSRP, IEEE 802.1Q, IEEE 802.1X, ISL (Inter-Switch Link Protocol) and VTP (VLAN Trunking Protocol).
- Yersinia supports multithreading: multiple users and multiple attacks per user. It has three main modes: command line, network client and ncurses GUI. The attacker can use it to listen to the network, sniff packets, edit protocol fields, save intercepted data in pcap format, analyse captured packets and replay them with modifications.

Yersinia implements 29 types of attacks. In STP cases, a MITM attacker may use it on a host with two Ethernet cards to pose as a dual-homed switch claiming the root role. In HSRP cases, the attacker may use it to become the active router.

FOLLOW-UP: RISK SHEET

# | AUTHENTICATION SOLUTION | MITM RISKS
1 | EAP-MD5 | On public Ethernets or wireless LANs, station identities and password hashes can be easily sniffed. EAP-MD5 does not provide mutual authentication or EAP server authentication, so a MITM attacker can pose as an access point and deceive legitimate users into authenticating to the rogue AP. [9] [13]
2 | EAP-TTLS | Systems protected by EAP-TTLS remain vulnerable to MITM attacks because user passwords can be more easily guessed, shared or disclosed via social engineering than client-side certificates. [9]
3 | LEAP | Systems protected by LEAP remain vulnerable to MITM attacks. [11]
4 | PEAP | Systems protected by PEAP remain vulnerable to MITM attacks. [9]
5 | Key fobs and one-time password (OTP) tokens | Token-based and smart-card-based OTP systems are vulnerable to MITM attacks: an attacker can hijack an online session by deceiving legitimate users into providing the one-time PINs their tokens or smart cards produce, and then use them in real time. [10] [12] Risk level: MEDIUM [12]
6 | SSL | Credentials can sometimes be stolen in a MITM attack using a proxy server, when the client accepts the proxy's certificate. Risk level: LOW [12]

For the tunnelled EAP methods (EAP-TTLS, PEAP) the practical condition is whether the client validates the EAP server's certificate: a client configured to skip that check will tunnel its credentials to a rogue access point.

NOTE

- EAP: Extensible Authentication Protocol
- LEAP: Lightweight Extensible Authentication Protocol
- PEAP: Protected Extensible Authentication Protocol
- TTLS: Tunneled Transport Layer Security

REFERENCE

- Whatis.com | SearchSecurity.com Definitions: What is man in the middle attack?
- Wikipedia: Man-in-the-middle attack
- Javvin Technologies: Network Security Dictionary
- Melani | Information Assurance Reporting and Analysis Center: Semi-Annual Report 2005 Issue 2
- Wikipedia: Public-key cryptography
- Alberto Ornaghi, Marco Valleri, "Man In The Middle Attacks," BlackHat Conference Europe 2003
- Sourceforge.net | Ettercap: Short Description
- Monkey.org | Dug Song: dsniff Frequently Asked Questions
- Wi-Fi Planet | Tutorials: Deploying 802.1X for WLANs - EAP Types
- Wikipedia: One-time password
- Information Security Group | Karen Louise Billington and Allan Tomlinson: Mutual Authentication of B3G devices within Personal Distributed Environments
- Techtarget | Enterprise Desktop Tips: Cheat Sheet - Access Management Solutions and Their Pros and Cons
- Wikipedia: Extensible Authentication Protocol
- Techtarget | Search Security Channel: Common injection attacks
- Alberto Ornaghi, Marco Valleri, "Man In The Middle Attacks Demos," BlackHat Conference Europe 2003
- Wikipedia: Secure Shell
- Wikipedia: Extensible Authentication Protocol - EAP-TLS
- Packetwatch Research | Ryan Spangler 2003: Packet Sniffing on Layer 2 Switched Local Area Networks
- Yersinia Home

RELATED LINKS

Articles

- Comodo Inc: IP Spoofing Fraud Protection from Man In The Middle Attacks (Updated: Sept 6, 2007)
- Cnet | Robert Vamosi: Internet-scale 'man in the middle' attack disclosed (Updated: Oct 17, 2008)
- IBM Developer Works | Kenneth Ballard: Secure programming with the OpenSSL API, Part 2: Secure handshake - Avoid a man in the middle (MITM) attack
- IBM Developer Works | Larry Loeb: On the lookout for dsniff: Part 1 Updated sniffer technology increases the risk of "man-in-the-middle" attacks
- IBM | Internet Security Systems: Apple Mac OS X CFNetwork SSL man-in-the-middle - macosx-cfnetwork-ssl-mitm (38463) (Updated: Nov 14, 2007)
- Peter Burkholder: SSL Man-in-the-Middle Attacks (Updated: Feb 1, 2002)
- SecurityTube: SSL MITM Attack Over Wireless
- SecurityTube: SSL MITM Attack Over Wireless Demo
- Stanford University | Computer Science Department | Security Laboratory: SSL Man in the Middle Proxy
- Wired | Bruce Schneier: How a Classic Man-in-the-Middle Attack Saved Colombian Hostages (Updated: July 10, 2008)

Blog Entries

- Daniel V. Hoffman: Vulnerability Assessments and Penetration Testing: Hacking Online Banking and Credit Card Transactions - And How to Prevent It (Updated: July 17, 2008)
- RSA Security | Uri Rivner's Blog: MITM is Here (Updated: July 21, 2006)
- Victoria University of Wellington | Christian Seifert's Blog: Injection of client-side attacks with Ettercap

Forum Discussions

- Sourceforge.net | Ettercap development forum: How Port Stealing Works (Updated: July 28, 2004)
- Wirelessforums.org | Wireless and Wifi Forums > News > Newsgroups > comp.security.misc: Can SSL sessions be compromised? (Updated: April 26, 2007)
- HP | IT resource center forums > Networking > switches, hubs, modems: Block "man in middle attack" (Updated: May 15, 2008)
- HP | HTTP-wg Archive: Document SimpleMD5 weakness to man-in-the-middle attack (Updated: Jan 11, 1995)
- WebmasterWorld | Website Technology Issues: How Safe is SSL from MITM (Man In The Middle) Attacks? (Updated: Aug 3, 2008)

PowerPoint Stuff

- 3rd IEEE/IFIP International Conference in Central Asia | Konstantin Hypponen, Keijo M.J. Haataja: "Nino" Man-In-The-Middle Attack on Bluetooth Secure Simple Pairing (Updated: Sept 26, 2007)
- Defcon 16, Las Vegas, NV | Alex Pilosov and Tony Kapela: Stealing The Internet - An Internet-Scale Man In The Middle Attack (Updated: Aug 10, 2008)
- José Carlos Brustoloni: Hardening Web Browsers Against Man-in-the-Middle and Eavesdropping Attacks
- IEEE 802.11 Documents | Junping Zhang and Hao Huang: (Man in the Middle) MITM in Mesh (Updated: Jan 9, 2007)
- Srinivas Inguva, Dan Boneh, Ian Baker (Stanford Security Laboratory): SSL MITM Proxy (Updated: Feb 2, 2007)
- Symantec | Candid Wüest, AVAR 2005 Speech: Today’s Threats to Online Banking - Phishing in the Middle of the Stream

Video Demo

- Ethicalhacker.net | Brian Wilson: Man-in-the-Middle Attack on MySpace with Cain (Updated: March 14, 2008)