Ethical Hacking and Penetration Testing Guide


Hijacking Session with MITM Attack



Date: 07.08.2023
So far, we have used MITM attacks only to capture plain-text passwords. However, we can also use them to steal session tokens/cookies, which are responsible for authenticating a user on a website. We should understand that this attack works only where the communication is performed via HTTP or where full end-to-end encryption is not enabled. It won’t work where communications are encrypted (HTTPS).
Attack Scenario
Since we will use ARP spoofing to get in the middle of the communication, this attack would 
work only when the attacker and victim are on the same local area network. It could be that an 
attacker has compromised a target, and by using it, he is able to sniff the traffic of computers on the 
local area network of the compromised box; it could be in a coffee shop where the attacker and the 
victim are already on the same local area network; or it could be that the attacker has physically 
plugged in a laptop to the same local area network.
The attack we will perform is divided into three parts:
Part 1—We will use Cain and Abel to perform an ARP spoofing attack. Cain and Abel is a Windows-based tool that is most commonly used as a password cracker and for ARP spoofing on a network.


Part 2—Once we have successfully ARP-poisoned the network, all the victim’s traffic would be directed to us. We will open our favorite “packet capturing” tool, namely, “Wireshark,” to capture all the traffic. We will specifically look for the victim’s cookies to hijack the session.
Part 3—Finally, we will use a cookie injector to inject cookies in our browser so that we can take over the victim’s session.
ARP Poisoning with Cain and Abel
So let me walk you through the process of ARP poisoning a network with Cain and Abel. For simplicity, I have divided the process into five steps:
Step 1—Download “Cain and Abel” from the following link, install it, and launch it: http://oxid.it/cain.html
Step 2—Turn on the sniffer by clicking on the green button at the top just above the decoder tab. Next, scan for the MAC addresses by clicking on the plus sign (+) at the top. This will list all the hosts inside our subnet. Alternatively, you can also define your own range and set your targets.


Step 3—Once you have scanned all the MAC addresses and IP addresses, it’s time to perform an ARP spoofing attack. To do that, click on the “APR” tab at the bottom and then click on the white area in the top frame. This will turn the “+” sign blue.
Step 4—Next, click on the “+” sign; a list of hosts will appear. Select the hosts that you want to intercept the traffic between. In my case, my default gateway is on the left side and my victim hosts are on the right.


Step 5—Click “Ok” and then finally click on the yellow button just under the File menu. It will begin poisoning the routes in a short span of time, and you will start to see traffic being captured by Cain and Abel.
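On the defending side, the poisoning set up in Steps 3 to 5 leaves a recognizable trace in ARP traffic: the gateway's IP address starts resolving to a different MAC address, and one MAC address begins answering for several IP addresses. The Python sketch below is an added example, not code from the book; the sample lines are constructed in the style of tcpdump ARP output, and the addresses and the function name `detect_arp_poisoning` are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the style of tcpdump ARP output (not a real capture).
# Hypothetical hosts: .1 is the gateway, .20 the victim, .66 the spoofing host.
SAMPLE = """\
10:00:01 ARP, Reply 192.168.1.1 is-at 00:11:22:aa:bb:01, length 28
10:00:02 ARP, Reply 192.168.1.20 is-at 00:11:22:aa:bb:20, length 28
10:00:03 ARP, Reply 192.168.1.66 is-at 00:11:22:aa:bb:66, length 28
10:00:09 ARP, Reply 192.168.1.1 is-at 00:11:22:aa:bb:66, length 28
10:00:09 ARP, Reply 192.168.1.20 is-at 00:11:22:aa:bb:66, length 28
10:00:12 ARP, Reply 192.168.1.1 is-at 00:11:22:aa:bb:66, length 28
"""

REPLY = re.compile(
    r"^(\S+) ARP, Reply (\d+(?:\.\d+){3}) is-at ([0-9a-f]{2}(?::[0-9a-f]{2}){5})",
    re.I,
)

def detect_arp_poisoning(lines):
    """Return alerts for IP->MAC rebinding and for one MAC claiming several IPs."""
    first_mac = {}                 # ip -> first MAC seen (trust on first use)
    ips_by_mac = defaultdict(set)  # mac -> set of IPs it has answered for
    seen = set()                   # keys of alerts already raised (no repeats)
    alerts = []
    for line in lines:
        m = REPLY.match(line.strip())
        if not m:
            continue               # skip ARP requests and malformed lines
        ts, ip, mac = m.group(1), m.group(2), m.group(3).lower()
        baseline = first_mac.setdefault(ip, mac)
        if mac != baseline and ("rebind", ip, mac) not in seen:
            seen.add(("rebind", ip, mac))
            alerts.append((ts, "rebind", ip, f"{baseline} -> {mac}"))
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > 1 and ("multi", mac) not in seen:
            seen.add(("multi", mac))
            alerts.append((ts, "multi-ip", mac, ",".join(sorted(ips_by_mac[mac]))))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_poisoning(SAMPLE.splitlines()):
        print(*alert)
```

The baseline here is trust-on-first-use, so it is only as good as the first reply observed; DHCP reassignment and multi-homed hosts can also trigger both alert types and need to be allow-listed.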
