Upload File

introduction mitm 101 easy traffic manipulation techniques using scapy

  • Home
  • Documents
  • Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy
15
Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Upload: bennett-conley

Post on 13-Dec-2015

233 views

Category:

Documents


8 download

Report

Tags:

TRANSCRIPT

Page 1: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Introduction

MITM 101Easy Traffic Manipulation Techniques Using

Scapy

Page 2: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Introduction

Bob Simpson@bobby_simpson

Bob Simpson has fun researching security…

and is CIO for Finley & Cook, PLLC, and inventor of GhostSentry, a technology that uses MITM techniques for good purposes.

Page 3: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

What is MITM?

MITM (aka MiTM, MitM, etc.)

• NOT just sniffing

• Involves getting in the middle of a two-way conversation

• Often explained as Alice talking to Bob, with Mallory in the middle convincing Alice that she’s Bob, and Bob that she’s Alice.

Picture from https://en.wikipedia.org/wiki/Man-in-the-middle_attack

Page 4: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

What is MITM?

Let’s do it!

[ DEMO ]

Picture from https://en.wikipedia.org/wiki/Man-in-the-middle_attack

Page 5: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

What do we get?

• What do we get?• Reconnaissance (fingerprinting)• NTLM capture, relay, escalation, redirection• SSL bypass• Steal and/or break credentials• Or, simple redirection ( … and the resulting

software download, browser exploit, etc)

Page 6: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

What do we get?

• What do we get?• Pwnage!!!

Page 7: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

How is it done?

Google it:• Tools:

• Ettercap, Cain and Abel, Arpspoofing, mitmf, websploit, Burp suite, SSL Strip, middler, Fiddler2, Subterfuge, DSniff, wsniff, and commercial stuff (Hack5’s new LanTurtle)

• Methods:

• ICMP redirect, STP Mangling, Route mangling, imposter domains and URLs

• Attacking local systems

• ARP, DNS, STP, hardware

• Attacking remote systems

• DNS, route mangling, proxy and tunneling

Page 8: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

How is it done?

Why easy is good:

From the DEF CON

ROOTZ Asylum

area:

Page 9: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Let’s do it!

Our Setup:• Tools:

• Scapy (packet manipulation for Python)

• NFQUEUE (bindings for netfilter queue)

• Method:

• Bridging

Page 10: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Basic Method

• Preparation:• Ubuntu 14.04 (or your own flavor)• Apt-get install bridge-utils, scapy, python-

nfqueue• Execution:• Follow the three steps:

1. Create a Bridge2. Redirect Packets to Scapy3. Mangle to your hearts content

Page 11: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Basic Method

Let’s do it!

[ DEMO ]

Page 12: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Summary

• Preparation• Ubuntu 14.04 (or your own flavor)• Apt-get install bridge-utils, scapy, python-

nfqueue• Execution• Follow the three steps:

1. Create a Bridge2. Redirect Packets to Scapy3. Mangle to your hearts content

Page 13: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Summary

Google Scapy and NFQUEUE for great tutorials

Page 14: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

Q&A

What would you like to know?

Page 15: Introduction MITM 101 Easy Traffic Manipulation Techniques Using Scapy

The End

Bob Simpson@bobby_simpson


Network packet forgery with Scapy - · PDF fileProblematic Scapy Network discovery and attacks Network packet forgery with Scapy Philippe BIONDI phil(at)secdev.org / philippe.biondi(at)eads.net

20170629 pses mitm - confs.imirhil.fr

Network packet manipulation with Scapy - SecDev.orgsecdev.org/conf/scapy_Aachen.pdf · 2005. 9. 21. · Title: Network packet manipulation with Scapy Author: Philippe BIONDI Subject:

Network packet manipulation with Scapy -

Network packet manipulation with Scapy - SecDev.orgsecdev.org/conf/scapy_hack.lu.pdf · Network packet manipulation with Scapy Philippe BIONDI phil(at)secdev.org / philippe.biondi(at)eads.net

iOS MITM Attack

Practical mitm for_pentesters

Scapy talk

scapy - Computer Sciencecobweb.cs.uga.edu/~perdisci/CSCI4760-F16/Slides/Scapy-Bo.pdf · What is Scapy • Scapy is a packet manipulation tool for computer networks. • forge or decode

Scapy Documentation

Hack x Crack Scapy

Scapy - Easy Packet Handling - toulibre.org · Pr´esentation de scapy D´emo Scapy Easy Packet Handling Etienne Maynier [email protected] Capitole du Libre 24 Novembre 2012

PASSIVE BLUETOOH MONITORING IN SCAPY

Scapy documentation (!) - julien.desfossez.free.frjulien.desfossez.free.fr/doc/scapydoc.pdf · 1 Introduction 1.1 About this document 1.2 What is Scapy Scapy is a Python program that

BSides London - Scapy Workshop

Network packet manipulation with Scapy

c Copyright 2016 ACM Notice Changes introduced as a result ... · manipulation tool scapy. The software tool utilises a DNP3 scapy plug-in which is used to implement the DNP3 protocol

Mitm Presentation

Python Scapy

Offensive MitM

BeEF Injection MITM

SELF STUDY REPORT - MITM

Scapy and IPv6 networking - SecDev.orgsecdev.org/conf/scapy-IPv6_HITB06.pdf · The Scapy Concept Scapy + IPv6 = Scapy6 Fun Security with Scapy6 Beware! IPv6 is coming, and it is not

Scapy Documentation - Packetlevel.ch · 2009-12-12 · CHAPTER ONE INTRODUCTION 1.1About Scapy Scapy is a Python program that enables the user to send, sniff and dissect and forge

The Very Unofficial Dummies Guide To Scapy - palkeo · Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols,

Packet Crafting using Scapy - Ryerson University · “Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols,

MITM Attacks on HTTPS: Another Perspective · - A. stops the MitM attack 4. JS can interact with HostA in a usual way Browser knows nothing about MitM! ... MITM Attacks on HTTPS:

SCAPY - modio.se · 2015-05-12 PyCon Exploit: SCAPY rocks A (Python) framework for packet manipulation

Scapy Pacsec05.Handout

MITM ARP Poison Attack - simms-teach.com · CIS 76 MITM via ARP Poisoning MITM ARP Poison Attack 1 DRAFT Last updated 9/4/2017

Network packet manipulation with Scapy · Problematic Scapy Network discovery and attacks State of the art Forge exactly what you want Decode or interpret ? Many programs Testing

Scapy Test

PASSIVE BLUETOOH MONITORING IN SCAPY · AGENDA • bluetooth essentials • fundamental projects • scapy-btbb project overview • demo

Ssl Mitm Attacks

Scapy Packet Forgery