Jump to content

Man in the Middle Attack


kickarse
 Share

Recommended Posts

So at a university where I worked there was a Radius server. This allowed login varification (AD integration).

So basically you open up IE/Firefox, come to a login page and your session is authenticated. You basically put into a DMZ of sorts and then once authenticated your IP is then allowed to passthrough data (FTP, HTTP, etc).

My idea is sorta that you setup a http server on your localhost. Allowing access from any IP and sending them to a "login page" that looks exactly like the Universities. But instead of authentication, it cancels them out with a "505" error and you have their username and password.

Setup the wireless cards MAC and SID to match the AP that is closest to you. That way your stronger signal will be the one it connects with.

In theory it might work. What do you guys think?

Link to comment
Share on other sites

Scammers do this in hotels with open access points. The scammers will use ARP cache poising and a web server to trick people in to entering there cradit card numbers. This is esentialy the same thing. It is possible, but I don't know the exact software to use (Although it probably will requiere Linux).

Link to comment
Share on other sites

Usually scammers then forward you on to the legitimate site after you have entered your details so that you think nothing is wrong. Banks etc. are now started to look into where logins come from more to try and stop this. Although the scammers still get the details.

If your laptop uses the first details that you capture to be authenticated and then everybody else that uses your AP their details are just stored in a document. The radius server might not accept multiple logins from one computer, it looks suspicious.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...