Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Mikhail Elizarov - MITM

Avatar for DC7499 DC7499
July 03, 2015
Research
0
88

Mikhail Elizarov - MITM

DEFCON Moscow 9
Avatar for DC7499

DC7499

July 03, 2015
Tweet

More Decks by DC7499

See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
Avatar for DC7499 defcon
0
530
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
Avatar for DC7499 defcon
0
260
Anton Lopanitsyn - Initial reconnaissance of web applications.
Avatar for DC7499 defcon
0
290
Dmitry Volkov - Private messengers: without pain??
Avatar for DC7499 defcon
1
230
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
Avatar for DC7499 defcon
2
210
Sergey Belov - Another side of Bug Bounty programs
Avatar for DC7499 defcon
0
300
Dmitry Sklyarov - Intel ME: Flash file system explained
Avatar for DC7499 defcon
0
510
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
Avatar for DC7499 defcon
0
580
Sergey Golovanov - Indecent Response 2018
Avatar for DC7499 defcon
0
510

Other Decks in Research

See All in Research
AIによる画像認識技術の進化 -25年の技術変遷を振り返る-
Avatar for Hironobu Fujiyoshi hf149
6
3.4k
RapidPen: AIエージェントによるペネトレーションテスト 初期侵入全自動化の研究
Avatar for Sho Nakatani laysakura
0
1.5k
言語モデルの内部機序:解析と解釈
Avatar for Sho Yokoi eumesy
PRO
48
18k
数理最適化と機械学習の融合
Avatar for MIKIO KUBO mickey_kubo
15
8.8k
データサイエンティストの採用に関するアンケート
Avatar for The Japan DataScientist Society datascientistsociety
PRO
0
980
大規模な2値整数計画問題に対する 効率的な重み付き局所探索法
Avatar for MIKIO KUBO mickey_kubo
1
250
20250605_新交通システム推進議連_熊本都市圏「車1割削減、渋滞半減、公共交通2倍」から考える地方都市交通政策
Avatar for Traffic Brain trafficbrain
0
420
研究テーマのデザインと研究遂行の方法論
Avatar for Hisashi Ishihara hisashiishihara
5
1.4k
3D Gaussian Splattingによる高効率な新規視点合成技術とその応用
Avatar for Hide Matsuki muskie82
5
2.6k
GeoCLIP: Clip-Inspired Alignment between Locations and Images for Effective Worldwide Geo-localization
Avatar for SatAI.challenge satai
3
240
Cross-Media Information Spaces and Architectures
Avatar for Beat Signer signer
PRO
0
220
データサイエンティストの就労意識~2015→2024 一般(個人)会員アンケートより
Avatar for The Japan DataScientist Society datascientistsociety
PRO
0
660

Featured

See All Featured
How to train your dragon (web standard)
Avatar for Monica Dinculescu notwaldorf
93
6.1k
Build The Right Thing And Hit Your Dates
Avatar for Maggie C. maggiecrowley
36
2.8k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
35
2.3k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
10
660
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
51
8.5k
The MySQL Ecosystem @ GitHub 2015
Avatar for Sam Lambert samlambert
251
13k
Scaling GitHub
Avatar for Zach Holman holman
459
140k
A better future with KSS
Avatar for Kyle Neath kneath
239
17k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
3.9k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
54
6.4k
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
77
5.8k
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
270
20k

Transcript

  1. @_Saplt

  2. MitM

  3. • Введение (история появления атаки) • Цель проведения атаки Человек

    по середине • Виды атак (пассивны/активный) • Инструменты • Полученные результаты
  4. None
  5. None

  6. PWN ‘em all

  7. Пассивный сбор данных

  8. None

  9. Активный перехват

  10. • ARP spoofing (полудуплекс) • ARP poisoning (полный дуплекс) •

    ICMP перенаправление • IP spoofing • DHCP spoofing,поддельный IPv6 DHCP • WPAD MitM, MDNS, LLMNR (APIPA) • BPDU(STP) Spoofing • DNS spoofing • Evil WiFi AP (Зараженные точки доступа WiFI)

  11. ARP таблица

  12. ARP spoofing

  13. ARP poisoning

  14. ICMP перенаправление

  15. IP spoofing

  16. поддельный IPv6 DHCP работает в сетях с IPv6

  17. Атака на WPAD MitM, MDNS, LLMNR (APIPA)

  18. BPDU(STP) Spoofing работает в сетях с IPv6

  19. BPDU(STP) Spoofing конечный результат

  20. DNS spoofing

  21. Поддельная WiFi сеть