Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Mikhail Elizarov - MITM
Search
DC7499
July 03, 2015
Research
0
91
Mikhail Elizarov - MITM
DEFCON Moscow 9
DC7499
July 03, 2015
Tweet
Share
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
560
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
290
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
310
Dmitry Volkov - Private messengers: without pain??
defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
220
Sergey Belov - Another side of Bug Bounty programs
defcon
0
320
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
550
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
650
Sergey Golovanov - Indecent Response 2018
defcon
0
560
Other Decks in Research
See All in Research
音声感情認識技術の進展と展望
nagase
0
470
生成的情報検索時代におけるAI利用と認知バイアス
trycycle
PRO
0
300
svc-hook: hooking system calls on ARM64 by binary rewriting
retrage
1
100
Upgrading Multi-Agent Pathfinding for the Real World
kei18
0
230
生成AIとうまく付き合うためのプロンプトエンジニアリング
yuri_ohashi
0
140
その推薦システムの評価指標、ユーザーの感覚とズレてるかも
kuri8ive
1
320
財務諸表監査のための逐次検定
masakat0
1
250
【NICOGRAPH2025】Photographic Conviviality: ボディペイント・ワークショップによる 同時的かつ共生的な写真体験
toremolo72
0
170
Remote sensing × Multi-modal meta survey
satai
4
710
LiDARセキュリティ最前線(2025年)
kentaroy47
0
140
ペットのかわいい瞬間を撮影する オートシャッターAIアプリへの スマートラベリングの適用
mssmkmr
0
260
Mamba-in-Mamba: Centralized Mamba-Cross-Scan in Tokenized Mamba Model for Hyperspectral Image Classification
satai
3
600
Featured
See All Featured
Large-scale JavaScript Application Architecture
addyosmani
515
110k
Bioeconomy Workshop: Dr. Julius Ecuru, Opportunities for a Bioeconomy in West Africa
akademiya2063
PRO
1
55
How to Grow Your eCommerce with AI & Automation
katarinadahlin
PRO
1
110
4 Signs Your Business is Dying
shpigford
187
22k
So, you think you're a good person
axbom
PRO
2
1.9k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
7.9k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
350
Statistics for Hackers
jakevdp
799
230k
Test your architecture with Archunit
thirion
1
2.2k
Automating Front-end Workflow
addyosmani
1371
200k
GraphQLとの向き合い方2022年版
quramy
50
14k
Designing for Performance
lara
610
70k
Transcript
@_Saplt
MitM
• Введение (история появления атаки) • Цель проведения атаки Человек
по середине • Виды атак (пассивны/активный) • Инструменты • Полученные результаты
None
None
PWN ‘em all
Пассивный сбор данных
None
Активный перехват
• ARP spoofing (полудуплекс) • ARP poisoning (полный дуплекс) •
ICMP перенаправление • IP spoofing • DHCP spoofing,поддельный IPv6 DHCP • WPAD MitM, MDNS, LLMNR (APIPA) • BPDU(STP) Spoofing • DNS spoofing • Evil WiFi AP (Зараженные точки доступа WiFI)
ARP таблица
ARP spoofing
ARP poisoning
ICMP перенаправление
IP spoofing
поддельный IPv6 DHCP работает в сетях с IPv6
Атака на WPAD MitM, MDNS, LLMNR (APIPA)
BPDU(STP) Spoofing работает в сетях с IPv6
BPDU(STP) Spoofing конечный результат
DNS spoofing
Поддельная WiFi сеть
defcon
nagase
trycycle
retrage
kei18
yuri_ohashi
kuri8ive
masakat0
toremolo72
.png){kind=avatar}
satai
kentaroy47
mssmkmr
addyosmani
akademiya2063
katarinadahlin
shpigford
axbom
eileencodes
konakalab
jakevdp
thirion
quramy
lara
