Questions tagged [man-in-the-middle]
A man-in-the-middle attack (MiTM) is an attack against a communication protocol where the attacker relays and modifies messages in transit. The parties believe they are talking to each other directly, but in fact both are talking to each other via the attacker in the middle.
1,371
questions
1
vote
0
answers
42
views
Possible workaround for IP-MAC binding security feature on routers
I have been reading about the IP-MAC binding security feature on routers, and have found a possible technique to bypass it (have yet to test it, currently in the theory phase). Let's assume the ...
- 131
1
vote
1
answer
62
views
How to limit the Wireless CA can only use in wireless connection on Windows?
My school require me to install a CA to do connect to the school Wi-Fi network. In android, I can install it into Wireless CA list, and based on my understanding, that won't give the CA owner ...
- 11
1
vote
1
answer
62
views
ARP Spoof: Will it work on public wifi networks as compared to a home network?
I have recently successfully demonstrated a simple ARP spoofing attack on my home network. The setup in my home network, described to the best of my abilities is as follows:
Optical network router (...
- 131
1
vote
0
answers
32
views
Possibility of eavesdropping on app-server comms after redirect to deep link
I'm being asked to investigate a possible attack vector that I don't understand and I don't want to take action that is useless or even negatively affects users if it isn't going to address something ...
- 111
0
votes
1
answer
60
views
BankID and QR codes attacked by man-in-the-middle?
There is a general national login ID system used in the Nordics called BankID.
Very often a user will go to a website that employs the BankID login and click "login with QR". Having done so ...
- 103
7
votes
2
answers
4k
views
How should I report a Man-in-the-Middle attack in my workplace?
I work at a small-to-medium business. Most of my coworkers were born in the 1960s and do not have a background in computer science. I have a background in computer science, but I specialize in ...
- 181
2
votes
1
answer
57
views
Why is the "intermediate" challenge needed in Bluetooth ECDH since the "real" verification is performed at the end with code comparison?
Why is step 4 needed? What does it protect in terms of security? Doesn't the protection arrives from the last step so when Va and Vb (so called TK, Temporary Keys) are compared?
Other thing: I read ...
- 129
1
vote
0
answers
43
views
MITM experiment works with DLink DIR-605L but not Hitron CGN3AMF
I am trying to learn about man-in-the-middle. I was able to successfully demonstrate it in when I'm using a DLink DIR-605L wifi router that's connected to a Hitron CGN3AMF wifi modem. But I failed ...
- 295
0
votes
0
answers
116
views
Bettercap not detecting HTTPS websites (?)
The built-in sslstripping feature (http.proxy.sslstrip) in bettercap is not working against HTTPS websites in this issue I will be using cygwin.com and winzip.com as an example, as we can see they are ...
0
votes
0
answers
57
views
What kinds of attacks are eliminated in WPA2-PSK if for each device there's a different (secret) PSK?
With regular WPA2-PSK there's the fact that every device shares the same PSK, hence it's possible to impersonate the AP by setting up an Evil Twin and watching the traffic. This isn't possible without ...
- 81
0
votes
0
answers
56
views
What is the security impact of disabling certificate check [duplicate]
I have this line of code in a client server project:
sslContext.init(null, new TrustManager[]{new TrustAnyManager()}, null);
A security guy pointed out that this is skipping the validation of the ...
- 67
0
votes
0
answers
52
views
In TLS, how are the Diffie-Hellman exchange parameters protected from a MITM attack? [duplicate]
Authentication alone will not stop a MITHM from intercepting and modifying plaintext exchanges, since he can let the authentication occur, then begin modifying the exchange data and neither end will ...
- 23
0
votes
1
answer
148
views
Can a VPN company perform a MiTM attack if SSL Pinning is in place?
Recently, I read news about Facebook acquired the Onavo VPN company to monitor Snapchat users' traffic. It seems they executed a Man-in-the-Middle attack by replacing the certificate. But could they ...
1
vote
2
answers
67
views
Preventing Data Tampering in HTTPS Requests: Safeguarding User-Initiated Donations
Could a Man-in-the-Middle (MITM) attack compromise the integrity of user-initiated transactions over HTTPS? Specifically, if a user selects an amount to donate on a website, is it possible for a ...
- 13
0
votes
2
answers
120
views
How to Capture Mobile API Requests in burp when Server side pinning is implemented
I recently encountered a scenario where Mobile Application is generating CSR request, call a POST API request and in response, Ask Server for certificate. Server will respond with the temporary ...
- 153