MITM/Wireless/Network Tap: Difference between revisions
From charlesreid1
(Created page with "Installing a wireless network tap involves the attacker placing a physical device between the target and the network device they're trying to communicate with. Just as a phon...") |
m (Admin moved page Man in the Middle/Wireless/Network Tap to MITM/Wireless/Network Tap) |
||
| (7 intermediate revisions by one other user not shown) | |||
| Line 3: | Line 3: | ||
Just as a phone tap is a physical bug installed on a phone line, and an ethernet tap is a physical device with two ethernet ports physically on the network, a wireless tap is a physical device with a wireless connection to both the attacker and their authentic network device (the router, modem, etc.) | Just as a phone tap is a physical bug installed on a phone line, and an ethernet tap is a physical device with two ethernet ports physically on the network, a wireless tap is a physical device with a wireless connection to both the attacker and their authentic network device (the router, modem, etc.) | ||
The | =Configurations= | ||
==Wired-Wireless Configuration== | |||
This involves creating a wireless access point, plus a corresponding network tap device, on the attacker's machine. The attacker can then bridge the network tap and the ethernet device, and bridge the two devices. In this way, when a sheep connects to the access point all of their traffic will be forwarded through the access point, allowing a MITM attack to occur. | |||
==Wireless-Wireless Configuration== | |||
In this configuration you're bridging two wireless devices to create a wireless network tap. This is gonna be slow... | |||
=Wired-Wireless Configuration= | |||
==Setup== | |||
To set this up we need three things: | |||
1. be able to turn wireless device into an access point with airbase-ng | |||
2. bridge network traffic from wireless ap to ethernet | |||
3. sniff | |||
===Wireless Access Point=== | |||
We can create a wireless access point with our wireless card by using airbase-ng. | |||
We specify the MAC address and ESSID of the resulting access point. | |||
<pre> | |||
$ airbase-ng -a <MAC for our access point> -c <channel> -e 'testing' wlan5 | |||
</pre> | |||
Now we can take a look at the available networks on the Sheep, and we'll see "testing" show up as an unencrypted wireless network. | |||
Our hapless sheep is enthralled by the prospect of free wifi, so the sheep connects. | |||
===Network Bridge=== | |||
<!-- | |||
now we add a bridge device using <code>brctl</code>: | |||
<pre> | |||
$ brctl addbr br0 | |||
</pre> | |||
we edit the network interfaces: | |||
<pre> | |||
$ vim /etc/network/interfaces | |||
</pre> | |||
and add the following lines: | |||
<pre> | |||
auto br0 | |||
iface br0 inet dhcp | |||
bridge_ports wlan5 eth0 up | |||
</pre> | |||
and bring the bridge online: | |||
<pre> | |||
$ service networking restart | |||
</pre> | |||
--> | |||
{{MITMFlag}} | |||
Latest revision as of 20:41, 5 March 2022
Installing a wireless network tap involves the attacker placing a physical device between the target and the network device they're trying to communicate with.
Just as a phone tap is a physical bug installed on a phone line, and an ethernet tap is a physical device with two ethernet ports physically on the network, a wireless tap is a physical device with a wireless connection to both the attacker and their authentic network device (the router, modem, etc.)
Configurations
Wired-Wireless Configuration
This involves creating a wireless access point, plus a corresponding network tap device, on the attacker's machine. The attacker can then bridge the network tap and the ethernet device, and bridge the two devices. In this way, when a sheep connects to the access point all of their traffic will be forwarded through the access point, allowing a MITM attack to occur.
Wireless-Wireless Configuration
In this configuration you're bridging two wireless devices to create a wireless network tap. This is gonna be slow...
Wired-Wireless Configuration
Setup
To set this up we need three things:
1. be able to turn wireless device into an access point with airbase-ng
2. bridge network traffic from wireless ap to ethernet
3. sniff
Wireless Access Point
We can create a wireless access point with our wireless card by using airbase-ng.
We specify the MAC address and ESSID of the resulting access point.
$ airbase-ng -a <MAC for our access point> -c <channel> -e 'testing' wlan5
Now we can take a look at the available networks on the Sheep, and we'll see "testing" show up as an unencrypted wireless network.
Our hapless sheep is enthralled by the prospect of free wifi, so the sheep connects.
Network Bridge
 |
monkey in the middle attacks in which an attacker tricks two parties into thinking they're communicating with each other, but both are communicating with the attacker.
Wireless Attacks: MITM/Wireless Wired Attacks: MITM/Wired
Layer 1 and 2 MITM Attacks: Network Tap: MITM/Wired/Network Tap Evil Twin Attack: Evil Twin · MITM/Evil Twin
Layer 3 and 4 MITM Attacks:
ARP Poisoning: MITM/ARP Poisoning Traffic Injection/Modification: MITM/Traffic Injection DNS Attacks: MITM/DNS · Bettercap/Failed DNS Spoofing Attack · Bettercap/Failed DNS Spoofing Attack 2 DHCP Attacks: MITM/DHCP WPAD MITM Attack: MITM/WPAD Port Stealing: MITM/Port Stealing Rushing Attack: MITM/Rushing Attack Attacking HTTPS: MITM/HTTPS
Session Hijacking: MITM/Session Hijacking
Toolz:
SSLSniff · SSLStrip · Frankencert
MITM Labs: {{MITMLabs}}
Category:MITM · Category:Attacks · Category:Kali Attack Layers Template:MITMLabs · Template:MITMFlag Flags · Template:MITMFlag · e |