Mikhail Elizarov - MITM

July 03, 2015

Research

88

Mikhail Elizarov - MITM

DEFCON Moscow 9

DC7499

July 03, 2015

Tweet

More Decks by DC7499

See All by DC7499

Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]

0

540

Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic

0

270

Anton Lopanitsyn - Initial reconnaissance of web applications.

0

290

Dmitry Volkov - Private messengers: without pain??

1

240

Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?

2

210

Sergey Belov - Another side of Bug Bounty programs

0

300

Dmitry Sklyarov - Intel ME: Flash file system explained

0

520

Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine

0

610

Sergey Golovanov - Indecent Response 2018

0

530

Other Decks in Research

See All in Research

一人称視点映像解析の最先端（MIRU2025 チュートリアル）

6

3.5k

[輪講] SigLIP 2: Multilingual Vision-Language Encoders with Improved Semantic Understanding, Localization, and Dense Features

2

990

なめらかなシステムと運用維持の終わらぬ未来 / dicomo2025_coherently_fittable_system

0

2.8k

Time to Cash: The Full Stack Breakdown of Modern ATM Attacks

0

130

EcoWikiRS: Learning Ecological Representation of Satellite Images from Weak Supervision with Species Observation and Wikipedia

3

130

20250605_新交通システム推進議連_熊本都市圏「車1割削減、渋滞半減、公共交通2倍」から考える地方都市交通政策

0

770

数理最適化に基づく制御

6

730

AIによる画像認識技術の進化 -25年の技術変遷を振り返る-

7

4k

Adaptive Experimental Design for Efficient Average Treatment Effect Estimation and Treatment Choice

0

110

投資戦略202508

0

560

最適化と機械学習による問題解決

0

170

Cross-Media Information Spaces and Architectures

PRO

0

240

Featured

See All Featured

Cheating the UX When There Is Nothing More to Optimize - PixelPioneers

stephaniewalter

285

13k

For a Future-Friendly Web

180

9.9k

A designer walks into a library…

pauljervisheath

207

24k

Building a Modern Day  E-commerce SEO Strategy

43

7.6k

ピンチをチャンスに：未来をつくるプロダクトロードマップ #pmconf2020

126

53k

Why You Should Never Use an ORM

PRO

59

9.5k

The Web Performance Landscape in 2024 [PerfNow 2024]

9

810

Facilitating Awesome Meetings

55

6.5k

Balancing Empowerment & Direction

3

620

Creating an realtime collaboration tool: Agile Flush - .NET Oxford

31

2.2k

What’s in a name? Adding method to the madness

productmarketing

PRO

23

3.7k

How STYLIGHT went responsive

100

5.8k

Transcript

@_Saplt
MitM
• Введение (история появления атаки) • Цель проведения атаки Человек
по середине • Виды атак (пассивны/активный) • Инструменты • Полученные результаты
None
None
PWN ‘em all
Пассивный сбор данных
None
Активный перехват
• ARP spoofing (полудуплекс) • ARP poisoning (полный дуплекс) •
ICMP перенаправление • IP spoofing • DHCP spoofing,поддельный IPv6 DHCP • WPAD MitM, MDNS, LLMNR (APIPA) • BPDU(STP) Spoofing • DNS spoofing • Evil WiFi AP (Зараженные точки доступа WiFI)
ARP таблица
ARP spoofing
ARP poisoning
ICMP перенаправление
IP spoofing
поддельный IPv6 DHCP работает в сетях с IPv6
Атака на WPAD MitM, MDNS, LLMNR (APIPA)
BPDU(STP) Spoofing работает в сетях с IPv6
BPDU(STP) Spoofing конечный результат
DNS spoofing
Поддельная WiFi сеть