MITM 4: ARP spoofing (exploit)

January 31, 2012

1

Now that I have described how ARP works, let’s exploit the weakness: deceiving the victim and the default gateway by pretending to be both of them. There are many tools for ARP spoofing such as Cain & Abel, Ettercap and DSniff (I will soon write a tutorial about Ettercap and Cain & Abel). In order to […]

Posted in: Tutorials

OSI model – Layer 4: Transport (TCP and UDP with Scapy)

January 30, 2012

8

I already wrote an article describing the OSI model and its first 3 layers (physical, data link and network). Now I’ll talk about layer 4: transport. While the data link layer carries the point-to-point connections and the network layer carries the routing of packets, the transport layer provides end-to-end communication services for applications. The transport […]

Posted in: Tutorials

Scapy – Decode and forge your own packet

January 24, 2012

3

I started to write articles on the wiki of Sec IT’s related to the posts on this blog. If you want to modify or improve the articles (I’m pretty sure there are plenty of typos and materials to describe), feel free to edit them on the wiki. Scapy is an application for packet manipulation written in […]

Posted in: Tutorials, Wiki

Ettercap – All roads lead to CLI

January 24, 2012

7

For the tutorial about the MITM attack, I started an article in the Sec IT’s wiki about Ettercap. Ettercap is a free and open-source tool for man-in-the-middle (MITM) attacks on a LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive […]

Posted in: Tosch production

Wireshark

January 21, 2012

0

I started to write articles on the wiki of Sec IT’s related to the posts on this blog. Here is the first one. If you want to modify or improve the article (I’m pretty sure there are plenty of typos and materials to describe), feel free to edit it on the wiki. Wireshark is a free and […]

Posted in: Wiki

MITM 3: ARP spoofing

January 20, 2012

1

The first step in a Man In The Middle attack is to modify the ARP table of the victim’s computer and the default gateway router in this way:

ARP table (victim)
IP: 192.168.0.1 (router IP)    MAC address: Attacker MAC address

ARP table (router)
IP: 192.168.0.2 (victim IP)    MAC address: Attacker MAC address

Before spoofing, you […]

Posted in: Tutorials

#opmegaupload, the beginning of the biggest cyberwar?

January 20, 2012

0

Meganimous

The U.S. Department of Justice shut down Mega* websites including MegaUpload and MegaVideo, leaders in online storage and video streaming, during an investigation into alleged copyright infringement (the Indictment Papers for the MegaUpload lawsuit can be read here). In total, 7 people have been arrested including the CEO Kim Dotcom. Therefore, not much hope remains […]

Posted in: News