Mallory Bob Alice Mallory "Hi Bob, it's Alice. Give me your key"--> Bob Alice Mallory <--[Bob's_key] Bob Alice <--[Mallory's_key] Mallory Bob Alice "Meet me at the bus stop!"[encrypted with Mallory's key]--> Mallory Bob Alice Mallory "Do not meet me!"[encrypted with Bob's key]--> Bob"> Mallory Bob Alice Mallory "Hi Bob, it's Alice. Give me your key"--> Bob Alice Mallory <--[Bob's_key] Bob Alice <--[Mallory's_key] Mallory Bob Alice "Meet me at the bus stop!"[encrypted with Mallory's key]--> Mallory Bob Alice Mallory "Do not meet me!"[encrypted with Bob's key]--> Bob">
Download presentation
Presentation is loading. Please wait.
Published byAustyn Crosthwait Modified over 10 years ago
1
Christopher Avilla
2
What is MiTM?Computer MiTMGSM MiTM Tips for Detection of MiTM
4
Alice "Hi Bob, it's Alice. Give me your key"--> Mallory Bob Alice Mallory "Hi Bob, it's Alice. Give me your key"--> Bob Alice Mallory <--[Bob's_key] Bob Alice <--[Mallory's_key] Mallory Bob Alice "Meet me at the bus stop!"[encrypted with Mallory's key]--> Mallory Bob Alice Mallory "Do not meet me!"[encrypted with Bob's key]--> Bob
5
Computer Network – ARP cache poisoning Cell Phone Networks – IMSI catcher and VBTS RFID Chips and Readers
6
Send ARP Reply to Client acting as Server Send ARP Reply to Server acting as Client Then View, Edit, Modify and Inject packets to and from target
7
Cain and Able EttercapDsniff
8
Injection DNS Spoofing SSL Strip Sniffing
9
International Mobile Subscriber Identity (IMSI) GSM equivalent to a username Universal Software Radio Peripheral (USRP) http://revision3.com/hak5/shmoocon2010
10
Ability for base station to tell hand set that it will not get cipher Plain text between phone and SIM card
11
Secret Key in SIM Card Base station sends 128 bit Random number SIM Card concats 128 with Secret Key Hashes the result and splits in two Half is sent back to base station Half is used for cypher A5 A53 is 3G encryption
12
OpenBTS Hooks in to Asterisk (VoIP) SIP proxy with voice changer Target specific phone number and route all calls to 911 Sniff all SIP packets and replay conversations http://openbts.sourceforge.net/
13
Third Party Applications – AntiARP or XArp http://www.raymond.cc/blog/archives/2009/08/07/protect-your-computer-against-arp-poison-attack- netcut/ http://www.raymond.cc/blog/archives/2009/08/07/protect-your-computer-against-arp-poison-attack- netcut/ Look at your ARP table by ARP/a or ARP –a Use static ARP tables A fine tuned IDS will alert you when youve fallen GSM phone should alert you when non-encrypted
15
http://en.wikipedia.org/wiki/Universal_Software_Radio_Periph eral http://en.wikipedia.org/wiki/Universal_Software_Radio_Periph eral http://en.wikipedia.org/wiki/ARP_spoofing http://www.irongeek.com/ http://www.monkey.org/~dugsong/dsniff/faq.html http://openmaniak.com/ettercap_filter.php http://www.shmoocon.org/presentations-all.html http://openbts.sourceforge.net/ http://revision3.com/hak5/pineapples http://revision3.com/hak5/shmoocon2010
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.