Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Mikhail Elizarov - MITM
Search
DC7499
July 03, 2015
Research
93
0
Share
Mikhail Elizarov - MITM
DEFCON Moscow 9
DC7499
July 03, 2015
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
580
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
290
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
320
Dmitry Volkov - Private messengers: without pain??
defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
230
Sergey Belov - Another side of Bug Bounty programs
defcon
0
320
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
560
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
670
Sergey Golovanov - Indecent Response 2018
defcon
0
580
Other Decks in Research
See All in Research
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
500
それ、チームの改善になってますか?ー「チームとは?」から始めた組織の実験ー
hirakawa51
0
1.1k
計算情報学研究室 (数理情報学第7研究室)2026
tomohirokoana
0
230
Ankylosing Spondylitis
ankh2054
0
160
Thirty Years of Progress in Speech Synthesis: A Personal Perspective on the Past, Present, and Future
ktokuda
0
210
進学校の生徒にはア行の苗字が多いのか
ozekinote
0
380
A History of Approximate Nearest Neighbor Search from an Applications Perspective
matsui_528
1
250
「なんとなく」の顧客理解から脱却する ──顧客の解像度を武器にするインサイトマネジメント
tajima_kaho
10
7.5k
"主観で終わらせない"定性データ活用 ― プロダクトディスカバリーを加速させるインサイトマネジメント / Utilizing qualitative data that "doesn't end with subjectivity" - Insight management that accelerates product discovery
kaminashi
16
24k
世界モデルにおける分布外データ対応の方法論
koukyo1994
7
2.1k
羽田新ルート運用6年の検証
1manken
0
140
LINEヤフー データサイエンス Meetup「三井物産コモディティ予測チャレンジ」の舞台裏-AlpacaTechパート
gamella
1
440
Featured
See All Featured
AI Search: Where Are We & What Can We Do About It?
aleyda
0
7.4k
Neural Spatial Audio Processing for Sound Field Analysis and Control
skoyamalab
0
270
Breaking role norms: Why Content Design is so much more than writing copy - Taylor Woolridge
uxyall
0
270
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
2.9k
Believing is Seeing
oripsolob
1
120
Technical Leadership for Architectural Decision Making
baasie
3
340
Embracing the Ebb and Flow
colly
88
5k
Typedesign – Prime Four
hannesfritz
42
3k
Getting science done with accelerated Python computing platforms
jacobtomlinson
2
190
The Limits of Empathy - UXLibs8
cassininazir
1
310
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
1
3.6k
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
1
1.2k
Transcript
@_Saplt
MitM
• Введение (история появления атаки) • Цель проведения атаки Человек
по середине • Виды атак (пассивны/активный) • Инструменты • Полученные результаты
None
None
PWN ‘em all
Пассивный сбор данных
None
Активный перехват
• ARP spoofing (полудуплекс) • ARP poisoning (полный дуплекс) •
ICMP перенаправление • IP spoofing • DHCP spoofing,поддельный IPv6 DHCP • WPAD MitM, MDNS, LLMNR (APIPA) • BPDU(STP) Spoofing • DNS spoofing • Evil WiFi AP (Зараженные точки доступа WiFI)
ARP таблица
ARP spoofing
ARP poisoning
ICMP перенаправление
IP spoofing
поддельный IPv6 DHCP работает в сетях с IPv6
Атака на WPAD MitM, MDNS, LLMNR (APIPA)
BPDU(STP) Spoofing работает в сетях с IPv6
BPDU(STP) Spoofing конечный результат
DNS spoofing
Поддельная WiFi сеть
defcon
chikuwait
hirakawa51
tomohirokoana
ankh2054
ktokuda
ozekinote
matsui_528
tajima_kaho
kaminashi
koukyo1994
1manken
gamella
aleyda
skoyamalab
uxyall
garrettdimon
oripsolob
baasie
colly
hannesfritz
jacobtomlinson
cassininazir
katarinadahlin
