[Owasp-Malaysia] Man In The Middle Attack Wireless

Amir Haris amirharis at gmail.com
Fri Sep 24 08:30:56 EDT 2010


Haris,

Yes.. mmg possible sangat2. aku ada demo masa DNSSEC seminar...

On Fri, Sep 24, 2010 at 8:17 PM, Hazrul Hamzah <hazrul at hazrulnz.net> wrote:

>  Based on the blog post, plenty of tools can be used to perform such
> attacks. Nowadays tools are getting more "user friendly" and yeah since
> he's using insecure Wifi facility -visible network packets/traffics -
> perhaps webmitm, dnsspoof can be used. Or perhaps sidejacking with
> ferret and hamster is much more easier. But based on the symptoms or the
> screenshots, it is more monkey in the middle attack compared to
> sidejacking (I prefer this one).
>
> So, never access your private accounts using insecure or open ap
> wireless environment. Guna la broadband.. :D
>
> p/s: besides I believe nobody actually read/understand/concern on the
> warning popups regarding the cert validity. Usually we just click "Add
> exception" and "proceed" :D
>
> That's my 2 halala
>
> Thanks
>
> On 24/09/2010 19:38, Fathi Kamil Zainuddin wrote:
> > There is https/ssl mitm in the cain & abel using fake private/public key.
> It intercepts the ssl handshake and providing the fake key (if the key is
> not trusted) to the client. In my previous test, my friend realized a fake
> ssl for maybank site when I'm running the attack, and he told me maybank has
> been hacked (but not). For wireless (not ethernet) layer 2, there is utility
> like airpwn and karma for this kind of attack. I haven't read yet the blog
> but to answer first the question. Wallahualam.
> > Sent from my BlackBerry® smartphone
> >
> > -----Original Message-----
> > From: Harisfazillah Jamel <linuxmalaysia at gmail.com>
> > Sender: owasp-malaysia-bounces at lists.owasp.org
> > Date: Fri, 24 Sep 2010 19:21:31
> > To: owasp-malaysia<owasp-malaysia at lists.owasp.org>
> > Subject: Re: [Owasp-Malaysia] Man In The Middle Attack Wireless
> >
> > Tittle should be man in the minddle attack..
> >
> > ettercap can be used to capture packet. But its hard to get our
> > password in HTTPS protocol. I believe a kind of proxy is used for
> > this.
> >
> > Any idea what kind of proxy?
> >
> >
> > On Fri, Sep 24, 2010 at 7:04 PM, Hasanuddin Abu Bakar <> wrote:
> >> ARP poisoning can be used.ettercap
> >>
> >> On 24 Sep 2010 19:02, "Harisfazillah Jamel" <linuxmalaysia at gmail.com>
> wrote:
> >>> Assalamualaikum and salam sejahtera,
> >>>
> >>> Would like to share this blog post.
> >>>
> >>> http://blog.mohdhanif.com/aku-telah-berjaya-di-hack/
> >>>
> >>> How man in the middle attack can be used in this case?
> >>>
> >>> Thanks.
> > _______________________________________________
> > Owasp-Malaysia mailing list
> > Owasp-Malaysia at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >
> > OWASP Malaysia Wiki
> > http://www.owasp.org/index.php/Malaysia
> >
> > OWASP Malaysia Wiki Facebook
> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
> > _______________________________________________
> > Owasp-Malaysia mailing list
> > Owasp-Malaysia at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >
> > OWASP Malaysia Wiki
> > http://www.owasp.org/index.php/Malaysia
> >
> > OWASP Malaysia Wiki Facebook
> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
> >
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.org/index.php/Malaysia
>
> OWASP Malaysia Wiki Facebook
> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-malaysia/attachments/20100924/b05231fd/attachment.html 


More information about the Owasp-Malaysia mailing list