Overkill Posted November 5, 2011

Hey guys, I'm in need of your l33t advice!

So I'm a final-year student at uni and I have decided to do "ARP cache poisoning through Man in the Middle attacks" for my final-year project, so here is a small overview of what I intend to do:

* Exploring the design vulnerabilities in ARP
* The tools and methods which are used to perform MITM attacks based on the above vulnerabilities
* Studying currently available mitigation techniques
* Developing a new mitigation technique or improving a current mitigation technique (I am leaning towards combining 2 mitigation techniques that already exist)

So what tools would you suggest that I use in this project? Will I be able to use the WiFi Pineapple or the Throwing Star LAN Tap? Or any other tool you guys might have? I also plan to use Katana and Ettercap to demonstrate the attacks (physical machines will be used for this). I would also like to know more tools that I can use to do these attacks.

I would greatly appreciate it if you guys would be able to share your thoughts and ideas on this and hopefully guide me through doing the attacks part of this project. I've already emailed Darren but didn't get any reply from him, but it's OK, I understand he has a lot of work to do.

Thanks in advance :)

digip Posted November 6, 2011

Throwing Star LAN Tap in itself is a sort of MITM, just hardware-wise. A hub would be even easier, since you can see traffic for everyone at the same time, without having to monitor either in or out via the Throwing Star tap. Doing the attacks is the easy part, since the tools do all of that for you. Ettercap, Cain and Abel, etc. are point-and-click or variable-fed CLI stuff. Learn about how ARP works, why the attacks work, and why they won't go away any time soon.

There are methods of protection, not many that are of much use, but you can always go with static ARP entries, though depending on the OS, they might be removed on reboots, etc. I use a bat file to keep mine in for Windows, using the netsh command to force my router's MAC and other devices on my network. Wired is much harder to spoof in those instances but not foolproof, but wireless on the other hand you can spoof your MAC address as well as poison the ARP cache with your IP as the router's, and take complete control over the network traffic.

This is a school project though; you should research the tools and test all of it out on your own.

Edited November 6, 2011 by digip

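Added example, not part of the thread or any poster's code: a passive check that combines two of the mitigations discussed here, pinned (static) IP-to-MAC entries and monitoring of ARP sender bindings for changes. The addresses, the `PINNED` table and the `sample_frame` helper are constructed for illustration; the frames are built in memory and never sent.

```python
import struct

def _mac(b): return ":".join(f"{x:02x}" for x in b)
def _ip(b): return ".".join(str(x) for x in b)

def parse_arp(frame):
    """Return (eth_src, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != 0x0806:
        return None
    htype, ptype, hlen, plen, _oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return _mac(frame[6:12]), _mac(frame[22:28]), _ip(frame[28:32])

def check_frames(frames, pinned):
    """Compare ARP sender bindings against pinned (static) entries and earlier sightings."""
    learned, alerts = dict(pinned), []
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        eth_src, sha, spa = parsed
        if eth_src != sha:  # heuristic: Ethernet header and ARP payload disagree
            alerts.append(f"header-mismatch {spa}: {eth_src} != {sha}")
        known = learned.setdefault(spa, sha)
        if known != sha:
            kind = "pinned-violation" if spa in pinned else "binding-changed"
            alerts.append(f"{kind} {spa}: {known} -> {sha}")
            if spa not in pinned:
                learned[spa] = sha  # track the newest claim; pinned entries never move
    return alerts

def sample_frame(sha, spa, tha, tpa, eth_src=None, oper=2):
    """Constructed input: build a 42-byte Ethernet + ARP frame in memory (never sent)."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    i = lambda s: bytes(int(x) for x in s.split("."))
    eth = m(tha) + m(eth_src or sha) + struct.pack("!H", 0x0806)
    return eth + struct.pack("!HHBBH", 1, 0x0800, 6, 4, oper) + m(sha) + i(spa) + m(tha) + i(tpa)

# Constructed sample data: gateway pinned as a static entry, then four observed replies.
PINNED = {"192.168.1.1": "02:00:00:00:00:01"}
SAMPLE = [
    sample_frame("02:00:00:00:00:01", "192.168.1.1", "02:00:00:00:00:10", "192.168.1.10"),
    sample_frame("02:00:00:00:00:50", "192.168.1.50", "02:00:00:00:00:10", "192.168.1.10"),
    sample_frame("02:00:00:00:00:66", "192.168.1.1", "02:00:00:00:00:10", "192.168.1.10"),
    sample_frame("02:00:00:00:00:66", "192.168.1.50", "02:00:00:00:00:10", "192.168.1.10"),
]

if __name__ == "__main__":
    for alert in check_frames(SAMPLE, PINNED):
        print(alert)
```

The same MAC suddenly answering for both the pinned gateway and another host is the pattern the last two sample frames produce; a real deployment would feed `check_frames` from a capture source instead of `SAMPLE`.
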
Hyperant Posted November 6, 2011

> but wireless on the other hand you can spoof your mac address as well

Ummm, you can do that on a wired connection as well, it doesn't matter if it's wireless or not :/

digip Posted November 6, 2011

> Ummm, you can do that on a wired connection as well, it doesn't matter if it's wireless or not :/

Never said you couldn't. Macchanger works on wired NICs, and Windows has tools for doing the same thing, but on a wired network, it tends to break things and stop all traffic on some consumer routers and switches.

Hyperant Posted November 7, 2011

> but wireless on the other hand you can spoof your mac address as well

> Never said you couldn't.

Sure, you didn't say you couldn't, but you did make it sound like you couldn't ;)

Overkill Posted November 8, 2011

> Throwing Star LAN Tap in itself is a sort of MITM, just hardware-wise. A hub would be even easier, since you can see traffic for everyone at the same time, without having to monitor either in or out via the Throwing Star tap. Doing the attacks is the easy part, since the tools do all of that for you. Ettercap, Cain and Abel, etc. are point-and-click or variable-fed CLI stuff. Learn about how ARP works, why the attacks work, and why they won't go away any time soon.
>
> There are methods of protection, not many that are of much use, but you can always go with static ARP entries, though depending on the OS, they might be removed on reboots, etc. I use a bat file to keep mine in for Windows, using the netsh command to force my router's MAC and other devices on my network. Wired is much harder to spoof in those instances but not foolproof, but wireless on the other hand you can spoof your MAC address as well as poison the ARP cache with your IP as the router's, and take complete control over the network traffic.
>
> This is a school project though; you should research the tools and test all of it out on your own.

Thanks a lot man, yeah, doing all the research now :)