Layer 3 = Network (IP protocol, packets)

Layer 4 = Transport (TCP protocol, packets)

Attack Steps

Conducting Recon

Before carrying out any attacks, conduct recon. This is nmap territory. Here are some things you'll want to know:

• Number of clients on network
• Open ports, services running
• Operating systems
• Etc.

Layer 3 Attacks

Traffic Sniffing: Man in the Middle/Sniffing

ARP Poisoning: Man in the Middle/ARP Poisoning  · Man in the Middle/Wired/ARP Poisoning

NDP (IPv6 equivalent of ARP) Spoofing: Man in the Middle/NDP Spoofing

Port Stealing: Man in the Middle/Port Stealing

Rushing Attack: Man in the Middle/Rushing Attack

Layer 4 Attacks

DHCP Attack: Man in the Middle/DHCP  · Man in the Middle/Rogue DHCP

SSL Attack: Man in the Middle/SSLStrip

Tools

Dsniff

SSLStrip

Flags

monkey in the middle attacks in which an attacker tricks two parties into thinking they're communicating with each other, but both are communicating with the attacker. MITM Wireless Attacks: MITM/Wireless Wired Attacks: MITM/Wired Layer 1 and 2 MITM Attacks: MITM/Layer 1 and 2 Network Tap: MITM/Wired/Network Tap Evil Twin Attack: Evil Twin  · MITM/Evil Twin Layer 3 and 4 MITM Attacks: MITM/Layer 3 and 4 Traffic Sniffing: MITM/Sniffing ARP Poisoning: MITM/ARP Poisoning Traffic Injection/Modification: MITM/Traffic Injection DNS Attacks: MITM/DNS  · Bettercap/Failed DNS Spoofing Attack  · Bettercap/Failed DNS Spoofing Attack 2 DHCP Attacks: MITM/DHCP WPAD MITM Attack: MITM/WPAD Port Stealing: MITM/Port Stealing Rushing Attack: MITM/Rushing Attack Attacking HTTPS: MITM/HTTPS Layer 5 MITM Attacks: Session Hijacking: MITM/Session Hijacking Toolz: Ettercap  · Bettercap  · MITMf  · EvilFOCA Wireshark  · Aircrack Dsniff  · Arpspoof  · Dnsspoof SSLSniff  · SSLStrip  · Frankencert Driftnet  · Karma MITM Labs: {{MITMLabs}} Category:MITM  · Category:Attacks  · Category:Kali Attack Layers Template:MITMLabs  · Template:MITMFlag Flags  · Template:MITMFlag  · e