[Owasp-Malaysia] Man In The Middle Attack Wireless

Hasanuddin Abu Bakar hasanuddin at sigmarectrix.com
Fri Sep 24 07:48:29 EDT 2010


On Fri, Sep 24, 2010 at 7:21 PM, Harisfazillah Jamel
<linuxmalaysia at gmail.com> wrote:
> Tittle should be man in the minddle attack..
>
> ettercap can be used to capture packet. But its hard to get our
> password in HTTPS protocol. I believe a kind of proxy is used for
> this.
>
> Any idea what kind of proxy?
>

Basically "we" (the attacker in this case) can decrypt the password or
any data in HTTPS because "we" provide the fake certificate. that's
the reason of MITM.



>
> On Fri, Sep 24, 2010 at 7:04 PM, Hasanuddin Abu Bakar <> wrote:
>> ARP poisoning can be used.ettercap
>>
>> On 24 Sep 2010 19:02, "Harisfazillah Jamel" <linuxmalaysia at gmail.com> wrote:
>>> Assalamualaikum and salam sejahtera,
>>>
>>> Would like to share this blog post.
>>>
>>> http://blog.mohdhanif.com/aku-telah-berjaya-di-hack/
>>>
>>> How man in the middle attack can be used in this case?
>>>
>>> Thanks.
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>


More information about the Owasp-Malaysia mailing list