Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Mikhail Elizarov - MITM
Search
DC7499
July 03, 2015
Research
0
91
Mikhail Elizarov - MITM
DEFCON Moscow 9
DC7499
July 03, 2015
Tweet
Share
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
560
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
290
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
310
Dmitry Volkov - Private messengers: without pain??
defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
220
Sergey Belov - Another side of Bug Bounty programs
defcon
0
320
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
550
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
650
Sergey Golovanov - Indecent Response 2018
defcon
0
560
Other Decks in Research
See All in Research
学習型データ構造:機械学習を内包する新しいデータ構造の設計と解析
matsui_528
6
3k
【NICOGRAPH2025】Photographic Conviviality: ボディペイント・ワークショップによる 同時的かつ共生的な写真体験
toremolo72
0
150
Earth AI: Unlocking Geospatial Insights with Foundation Models and Cross-Modal Reasoning
satai
3
470
競合や要望に流されない─B2B SaaSでミニマム要件を決めるリアルな取り組み / Don't be swayed by competitors or requests - A real effort to determine minimum requirements for B2B SaaS
kaminashi
0
670
Can AI Generated Ambrotype Chain the Aura of Alternative Process? In SIGGRAPH Asia 2024 Art Papers
toremolo72
0
130
OWASP KansaiDAY 2025.09_文系OSINTハンズオン
owaspkansai
0
110
データサイエンティストをめぐる環境の違い2025年版〈一般ビジネスパーソン調査の国際比較〉
datascientistsociety
PRO
0
650
令和最新技術で伝統掲示板を再構築: HonoX で作る型安全なスレッドフロート型掲示板 / かろっく@calloc134 - Hono Conference 2025
calloc134
0
540
都市交通マスタープランとその後への期待@熊本商工会議所・熊本経済同友会
trafficbrain
0
110
Community Driveプロジェクト(CDPJ)の中間報告
smartfukushilab1
0
160
R&Dチームを起ち上げる
shibuiwilliam
1
140
ブレグマン距離最小化に基づくリース表現量推定: バイアス除去学習の統一理論
masakat0
0
120
Featured
See All Featured
Producing Creativity
orderedlist
PRO
348
40k
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
170
Between Models and Reality
mayunak
1
180
How Fast Is Fast Enough? [PerfNow 2025]
tammyeverts
3
450
Ethics towards AI in product and experience design
skipperchong
2
190
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
287
14k
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
240
SEO in 2025: How to Prepare for the Future of Search
ipullrank
3
3.3k
Six Lessons from altMBA
skipperchong
29
4.1k
The SEO identity crisis: Don't let AI make you average
varn
0
62
Scaling GitHub
holman
464
140k
The Art of Programming - Codeland 2020
erikaheidi
57
14k
Transcript
@_Saplt
MitM
• Введение (история появления атаки) • Цель проведения атаки Человек
по середине • Виды атак (пассивны/активный) • Инструменты • Полученные результаты
None
None
PWN ‘em all
Пассивный сбор данных
None
Активный перехват
• ARP spoofing (полудуплекс) • ARP poisoning (полный дуплекс) •
ICMP перенаправление • IP spoofing • DHCP spoofing,поддельный IPv6 DHCP • WPAD MitM, MDNS, LLMNR (APIPA) • BPDU(STP) Spoofing • DNS spoofing • Evil WiFi AP (Зараженные точки доступа WiFI)
ARP таблица
ARP spoofing
ARP poisoning
ICMP перенаправление
IP spoofing
поддельный IPv6 DHCP работает в сетях с IPv6
Атака на WPAD MitM, MDNS, LLMNR (APIPA)
BPDU(STP) Spoofing работает в сетях с IPv6
BPDU(STP) Spoofing конечный результат
DNS spoofing
Поддельная WiFi сеть
defcon
matsui_528
toremolo72
.png){kind=avatar}
satai
kaminashi
owaspkansai
datascientistsociety
calloc134
trafficbrain
smartfukushilab1
shibuiwilliam
masakat0
orderedlist
davetheseo
mayunak
tammyeverts
skipperchong
stephaniewalter
ipullrank
varn
holman
erikaheidi
