Presentation is loading. Please wait.

Presentation is loading. Please wait.

Easy Traffic Manipulation Techniques Using Scapy

Published byBennett Conley Modified over 9 years ago

Similar presentations

Presentation on theme: "Easy Traffic Manipulation Techniques Using Scapy"— Presentation transcript:

1 Easy Traffic Manipulation Techniques Using Scapy
Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

2 Bob Simpson Introduction @bobby_simpson
Bob Simpson has fun researching security… and is CIO for Finley & Cook, PLLC, and inventor of GhostSentry, a technology that uses MITM techniques for good purposes.

3 MITM (aka MiTM, MitM, etc.) NOT just sniffing
What is MITM? MITM (aka MiTM, MitM, etc.) NOT just sniffing Involves getting in the middle of a two-way conversation Often explained as Alice talking to Bob, with Mallory in the middle convincing Alice that she’s Bob, and Bob that she’s Alice. Picture from

4 What is MITM? Let’s do it! [ DEMO ]
Picture from

5 What do we get? What do we get? Reconnaissance (fingerprinting) NTLM capture, relay, escalation, redirection SSL bypass Steal and/or break credentials Or, simple redirection ( … and the resulting software download, browser exploit, etc)

6 What do we get? What do we get? Pwnage!!!

7 How is it done? Google it: Tools:
Ettercap, Cain and Abel, Arpspoofing, mitmf, websploit, Burp suite, SSL Strip, middler, Fiddler2, Subterfuge, DSniff, wsniff, and commercial stuff (Hack5’s new LanTurtle) Methods: ICMP redirect, STP Mangling, Route mangling, imposter domains and URLs Attacking local systems ARP, DNS, STP, hardware Attacking remote systems DNS, route mangling, proxy and tunneling

8 How is it done? Why easy is good: From the DEF CON ROOTZ Asylum area:

9 Let’s do it! Our Setup: Tools: Scapy (packet manipulation for Python)
NFQUEUE (bindings for netfilter queue) Method: Bridging

10 Basic Method Preparation: Ubuntu (or your own flavor) Apt-get install bridge-utils, scapy, python-nfqueue Execution: Follow the three steps: Create a Bridge Redirect Packets to Scapy Mangle to your hearts content

11 Basic Method Let’s do it! [ DEMO ]

12 Summary Preparation Ubuntu (or your own flavor) Apt-get install bridge-utils, scapy, python-nfqueue Execution Follow the three steps: Create a Bridge Redirect Packets to Scapy Mangle to your hearts content

13 Google Scapy and NFQUEUE for great tutorials
Summary Google Scapy and NFQUEUE for great tutorials

14 What would you like to know?
Q&A What would you like to know?

15 The End Bob Simpson @bobby_simpson

Download ppt "Easy Traffic Manipulation Techniques Using Scapy"

Similar presentations

Ethical Hacking Module VII Sniffers.

Ethical Hacking Module VII Sniffers.
Intrusion Detection/Prevention Systems Charles Poff Bearing Point.

Intrusion Detection/Prevention Systems Charles Poff Bearing Point.
Christopher Avilla. What is MiTM?Computer MiTMGSM MiTM Tips for Detection of MiTM.

Christopher Avilla. What is MiTM?Computer MiTMGSM MiTM Tips for Detection of MiTM.
Security Lab 2 MAN IN THE MIDDLE ATTACK

Security Lab 2 MAN IN THE MIDDLE ATTACK
Man in the Middle Attack

Man in the Middle Attack
Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.

Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.
Security Q&A OSG Site Administrators workshop Indianapolis August 6-7 2009 Doug Olson LBNL.

Security Q&A OSG Site Administrators workshop Indianapolis August Doug Olson LBNL.
Sniffing, Spoofing, Hijacking This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added.

Sniffing, Spoofing, Hijacking This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added.
Tim Maletic Security Consultant. Goal of this talk To convince you that: Layer 2 must be included in the scope of your security assessments Thou shalt.

Tim Maletic Security Consultant. Goal of this talk To convince you that: Layer 2 must be included in the scope of your security assessments Thou shalt.
OWASP Xenotix XSS Exploit Framework

OWASP Xenotix XSS Exploit Framework

Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
Packet Sniffing - By Aarti Dhone.

Packet Sniffing - By Aarti Dhone.
Adrian Crenshaw.  I run Irongeek.com  I have an interest in InfoSec education  I don’t know everything - I’m.

Adrian Crenshaw.  I run Irongeek.com  I have an interest in InfoSec education  I don’t know everything - I’m.
Demonstrating HTTP Session Hijacking through ARP Cache Poisoning and Man-in-the-Middle Attack and exploring HTTPS and VOIP session vulnerabilities Mainuddin.

Demonstrating HTTP Session Hijacking through ARP Cache Poisoning and Man-in-the-Middle Attack and exploring HTTPS and VOIP session vulnerabilities Mainuddin.
ITIS3100 By Fei Xu. Acknowledge This document is basically a digest from “Wireshark User's Guide 25114 for Wireshark 1.0.0” You can download the software.

ITIS3100 By Fei Xu. Acknowledge This document is basically a digest from “Wireshark User's Guide for Wireshark 1.0.0” You can download the software.
A Study in TCP/BGP Session Security

A Study in TCP/BGP Session Security
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
SSL Man-in-the-Middle Attacks with Dsniff Rochester OWASP & ISSA Chapters Ralph Durkee Durkee Consulting, Inc.

SSL Man-in-the-Middle Attacks with Dsniff Rochester OWASP & ISSA Chapters Ralph Durkee Durkee Consulting, Inc.
Introduction to Honeypot, Botnet, and Security Measurement

Introduction to Honeypot, Botnet, and Security Measurement

Similar presentations

Ads by Google