automa utomation tion of of mit mitm m attac attack k on
play

Automa utomation tion of of Mit MitM M Attac Attack k on on - PowerPoint PPT Presentation

Sep 15, 2022 •114 likes •332 views

Automa utomation tion of of Mit MitM M Attac Attack k on on WiFi iFi Netw Networ orks ks Martin Vondrek Author: Supervisor: Ing. Jan Pluskal Foreign supervisor: Dr Johann A. Briffa ) ) ) ) ) ) ) ) ) wifimitm Brno

  1. Automa utomation tion of of Mit MitM M Attac Attack k on on WiFi iFi Netw Networ orks ks Martin Vondráček Author: Supervisor: Ing. Jan Pluskal Foreign supervisor: Dr Johann A. Briffa ) ) ) ) ) ) ) ) ) wifimitm Brno University of Technology University of Malta

  2. Available Tools for Specific Phases of the MitM Attack on Wireless Networks • Accessing wireless network • airmon-ng , airodump-ng , aircrack-ng, aireplay-ng , wifite, upc_keys , wifiphisher , Reaver Open Source, wpaclean , netctl • Tampering network topology • Framework for Man-In-The-Middle attacks , Scapy, dsniff, arpspoof, Yersinia • Capturing network traffic • Dumpcap 2017-04-22 Automation of MitM Attack on WiFi Networks 2/13

  3. Wi-Fi Machine-in-the-Middle • Python package wifimitm • Attack data for repetitive attacks • Captured traffic 2017-04-22 Automation of MitM Attack on WiFi Networks 3/13

  4. Wi-Fi Machine-in-the-Middle • Python package wifimitm • Attack data for repetitive attacks • Captured traffic • CLI tool wifimitmcli 2017-04-22 Automation of MitM Attack on WiFi Networks 3/13

  5. Wi-Fi Machine-in-the-Middle • Python package wifimitm • Attack data for repetitive attacks • Captured traffic • CLI tool wifimitmcli • Installation scripts • Requirements check • Python package setup • Documentation, man page 2017-04-22 Automation of MitM Attack on WiFi Networks 3/13

  6. Accessing wireless network Internet Scan Crack Connect AP Impersonate (phishing) STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 4/13

  7. Accessing wireless network Internet Scan Crack Connect AP Impersonate (phishing) STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 4/13

  8. Tampering network topology Internet Tampering network topology stop AP STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 5/13

  9. Tampering network topology Internet Tampering network topology stop AP STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 5/13

  10. Capturing network traffic Internet Capturing network traffic stop AP STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 6/13

  11. Capturing network traffic Internet Capturing network traffic stop AP STA wifimitm 2017-04-22 Automation of MitM Attack on WiFi Networks 6/13

  12. Performance testing • 1 STA and 1 AP connected to the Internet • The performance impact is not critical. • Users of the network had no suspicion. • 8 STAs and 1 AP connected to the Internet • The performance impact is more severe. • Despite the performance impact, users had no suspicion. 2017-04-22 Automation of MitM Attack on WiFi Networks 7/13

  13. Internet R1 AP STA 1 wifimitm

  14. RTT STA1 – R1 10000 ms 1000 ms 100 ms 10 ms 1 ms 0 200 400 usual communication MitM

  15. Internet STA 1 STA 5 R1 STA 2 STA 6 AP STA 3 STA 7 STA 4 wifimitm STA 8

  16. RTT STA1 – R1 10000 ms 1000 ms 100 ms 10 ms 1 ms 0 200 400 usual communication MitM

  17. Utilization Automate WLAN test Penetration tester . Automation of MitM Attack on WiFi Networks 12/13 2017-04-22

  18. Utilization Automate WLAN test Demonstrate danger of MitM Penetration tester . Automation of MitM Attack on WiFi Networks 12/13 2017-04-22

  19. Utilization Automate WLAN test Demonstrate danger of MitM Penetration tester Develop using wifimitm Developer . Automation of MitM Attack on WiFi Networks 12/13 2017-04-22

  20. Utilization Automate WLAN test Demonstrate danger of MitM Penetration tester Develop using wifimitm Capture traffic Developer Forensic researcher . Automation of MitM Attack on WiFi Networks 12/13 2017-04-22

  21. Conc Conclusion lusion • Research published as bachelor’s thesis and software product in NES@FIT research group in May 2016. • Author received dean’s award and rector’s award in 2016. • Wi-Fi Machine-in-the-Middle (open-source) • Penetration testing, forensic investigation 2017-04-22 Automation of MitM Attack on WiFi Networks 13/13

Recommend

MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( )

MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( )

Software and Web Security 2 MitM attacks on sessions t attac s o sess o s sws2 1 MitM (Man-in-the-Middle)attacks ( ) MitM attack: attacker gets between the browser and the web server, eg eg by setting up a wifi access point

345 views • 9 slides
Building Bridges # 2017ACA CAP Arkansas Ar kansas Cour Court t Automa utomation tion Pr

Building Bridges # 2017ACA CAP Arkansas Ar kansas Cour Court t Automa utomation tion Pr

Ways to avoid and to fix some common mistakes made in Contexte data entry PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Arkansas Ar kansas Cour Court t Automa utomation tion Pr Prog ogram am Syst Systems

365 views • 20 slides
MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 ,2013 PC-Labs May 29 2013

MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 ,2013 PC-Labs May 29 2013

MiTM Attack - Haifa-Sec MiTM Attack MiTM Attack Edri Guy Edri Guy May 29 ,2013 May 29 ,2013 PC-Labs May 29 2013 MiTM Attack - Haifa-Sec MiTM Attack - Haifa-Sec DISCLAIMER DISCLAIMER 1 The following discussion is for informational

552 views • 33 slides
Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how

Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how

create your own exercise Christoph Schmidt, Team 1 Recreating the NSA's MITM Attack 1 Why Should This Topic be Chosen? Goal 1: Understanding how the NSA uses its access to the Backbone Goal 2: Understanding how MITM attacks can be done

1.02k views • 82 slides
MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation

MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation

Software and Web Security 2 MitM attacks on HTTPS sessions Much of this material can also be seen in DEFCON 2009 presentation by Moxie Marlinspike; see URL on course page sws2 1 MitM (Man-in-the-Middle) attacks MitM attack: attacker

971 views • 38 slides
W HAT IS SESSION DIRECT ? # 2017ACA CAP SessionDirect is a separate processing environment

W HAT IS SESSION DIRECT ? # 2017ACA CAP SessionDirect is a separate processing environment

S ESSION D IRECT Michial Armstrong Quentin Moore PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation tion Pr Prog ogram am Syst Systems ems Conf Confer

319 views • 15 slides
P RODUCING CARCTGL # 2017ACA CAP C OPYING CARCTGL # 2017ACA CAP P ASTING & F ORMATTING

P RODUCING CARCTGL # 2017ACA CAP C OPYING CARCTGL # 2017ACA CAP P ASTING & F ORMATTING

E XCELING WITH YOUR CARCTGL Michial Armstrong Teresa Shaw PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation tion Pr Prog ogram am Syst Systems ems Conf

403 views • 14 slides
by a by a No Novel el Automa utomated ted Indent Indentation tion Tec echnique hnique

by a by a No Novel el Automa utomated ted Indent Indentation tion Tec echnique hnique

Wound ound Healing Healing Revealed ealed by a by a No Novel el Automa utomated ted Indent Indentation tion Tec echnique hnique Sotcheadt Sim 1,2 Martin Garon 2 Eric Quenneville 2 Michael D. Buschmann 1 1 Institute of Biomedical

246 views • 23 slides
Le Leveraging Technol chnology gy, Automa Automati tion, on, and and Rede defi fini ning ng

Le Leveraging Technol chnology gy, Automa Automati tion, on, and and Rede defi fini ning ng

7/22/2019 Le Leveraging Technol chnology gy, Automa Automati tion, on, and and Rede defi fini ning ng Recrui cruiti ting ng Bes Best Pra Practices Jeff Henderson Department of Justice Office of Human Resources Itin Itinerary The

361 views • 9 slides
DISTRICT COURT SCHEDULING Shaunette Guy and Lesia Hill Applications Specialists PHOTOGRAPH

DISTRICT COURT SCHEDULING Shaunette Guy and Lesia Hill Applications Specialists PHOTOGRAPH

DISTRICT COURT SCHEDULING Shaunette Guy and Lesia Hill Applications Specialists PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation tion Pr Prog ogram am Syst

140 views • 13 slides
Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr

Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr

Automa Automatic V tic Verif erifica ication f tion for or Inter Interactiv active Gr Graphical phical Pr Prog ograms ams Car Carl Eastlund l Eastlund Ma Matthias F tthias Felleisen elleisen cce@ccs.neu.edu

489 views • 38 slides
S HEET - 101 Connie Compton & Lorna Cross Regional Court Administrators PHOTOGRAPH CREDIT

S HEET - 101 Connie Compton & Lorna Cross Regional Court Administrators PHOTOGRAPH CREDIT

J UVENILE C OVER S HEET - 101 Connie Compton & Lorna Cross Regional Court Administrators PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation tion Pr Prog

320 views • 11 slides
Judge s taking Attac hme nt and Psyc hopathology Andr e a L andini & Giuliana F lor

Judge s taking Attac hme nt and Psyc hopathology Andr e a L andini & Giuliana F lor

Judge s taking Attac hme nt and Psyc hopathology Andr e a L andini & Giuliana F lor it (Italy) An intr oduc tion to DMM in Milano T wo ho no ra ry judg e s in the Mino rs Co urt in Mila no invite d a ll the ir c o lle a g

433 views • 12 slides
Using U Unikernels to E o Enhan ance t the Attac ack- Resistance of S of Spire, a Ne a

Using U Unikernels to E o Enhan ance t the Attac ack- Resistance of S of Spire, a Ne a

Using U Unikernels to E o Enhan ance t the Attac ack- Resistance of S of Spire, a Ne a Network work-A -Attac ack-R -Resili lient t Intr In trus usion on-Tole olerant S SCADA f for or th the P Powe ower Gr r Grid Brad

677 views • 30 slides
A DMINISTRATIVE O RDER 21 K EY P ROVISIONS Once implemented, eFiling is mandatory only if: 1.

A DMINISTRATIVE O RDER 21 K EY P ROVISIONS Once implemented, eFiling is mandatory only if: 1.

T HE R OUTE TO M ANDATORY E F ILING Amanda Armstrong - Business Analyst Jackie Wray - Applications Specialist PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation

431 views • 10 slides
DING T EST A UTOMATION XTENDI OR V IR ON FOR IRTU TUALI LIZATION Sharookh Daru aruwalla

DING T EST A UTOMATION XTENDI OR V IR ON FOR IRTU TUALI LIZATION Sharookh Daru aruwalla

11/1/2013 C HALLENGES E XTE DING T EST A UTOMATION XTENDI OR V IR ON FOR IRTU TUALI LIZATION Sharookh Daru aruwalla Inte tel Corp rporati tion Intel Confidential Do Not Forward C ONT ONTEXT Automation essential to manage todays

395 views • 22 slides
s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space:

s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space:

s c a l e When Hardware Attacks Hardwear.io 27 September 2019 1 Attack exploitation space: time vs distance Remote key brute software protocol force relay attack side Fast Slow mitm channel Hardware attacks require: Hardware

360 views • 24 slides
IN PORTUGAL unravelling myths Attac Portugal ATTAC Norway Conference Oslo, 21st 22nd

IN PORTUGAL unravelling myths Attac Portugal ATTAC Norway Conference Oslo, 21st 22nd

CRISIS AND AUSTERITY POLICIES IN PORTUGAL unravelling myths Attac Portugal ATTAC Norway Conference Oslo, 21st 22nd October 2011 FROM FINANCIAL CRISIS TO A DEBT CRISIS Financial crisis Public deficits to reduce consequences 1%

516 views • 38 slides
s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance

s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance

When Hardware Attacks s c a l e Marc Witteman Croatian Summer school 2017 Attack exploitation space: time vs distance Remote key brute software protocol force relay attack side Fast Slow mitm channel Hardware attacks require:

688 views • 25 slides
T r ansmission of attac hme nt in thr e e ge ne r ations. Continuity and r e ve r sal

T r ansmission of attac hme nt in thr e e ge ne r ations. Continuity and r e ve r sal

T r ansmission of attac hme nt in thr e e ge ne r ations. Continuity and r e ve r sal Airi Ha uta m ki, PhD, profe ssor e me rita , Unlve rsity of He lsinki, F inla nd June 13, 2018, F ir e nze , Italy Cross-generational

537 views • 9 slides
Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT

Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT

Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT Corporation 07/Sep/2009 ISC2009@Pisa 1/22 Yu Sasaki, MitM using output truncation of 3 Haval Summary HAVAL is a hash function that can produce

507 views • 23 slides
C OVERSHEET 101- PROBATE Dawn Castle Regional Court Administrator Jackie Wray Application

C OVERSHEET 101- PROBATE Dawn Castle Regional Court Administrator Jackie Wray Application

C OVERSHEET 101- PROBATE Dawn Castle Regional Court Administrator Jackie Wray Application Specialist PHOTOGRAPH CREDIT MICHAEL HIBBLEN KUAR NEWS Building Bridges # 2017ACA CAP Ar Arkansas kansas Cour Court t Automa utomation

414 views • 17 slides
ATCA Automa*on Jamie Stevens | ATCA Senior Systems

ATCA Automa*on Jamie Stevens | ATCA Senior Systems

ATCA Automa*on Jamie Stevens | ATCA Senior Systems Scien1st / Lead Scien1st 2 June 2015 ASTRONOMY AND SPACE SCIENCE ATCA Automa*on

266 views • 7 slides
W13 November 6, 2002 3:15 PM T ACKLING THE T EST A UTOMATION C HALLENGE : T HE C ENTRALIZED T EAM

W13 November 6, 2002 3:15 PM T ACKLING THE T EST A UTOMATION C HALLENGE : T HE C ENTRALIZED T EAM

BIO PRESENTATION DEMO SHEETS W13 November 6, 2002 3:15 PM T ACKLING THE T EST A UTOMATION C HALLENGE : T HE C ENTRALIZED T EAM A PPROACH Dave Torresan and Jeff Beange RBC Financial Group International Conference On Software Testing Analysis

1.35k views • 33 slides

More recommend