Lock in $30 Savings on PRO—Offer Ends Soon! ⏳

Mikhail Elizarov - MITM

Avatar for DC7499 DC7499
July 03, 2015
Research
0
90

Mikhail Elizarov - MITM

DEFCON Moscow 9

Avatar for DC7499

DC7499

July 03, 2015
Tweet

More Decks by DC7499

See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
Avatar for DC7499 defcon
0
550
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
Avatar for DC7499 defcon
0
280
Anton Lopanitsyn - Initial reconnaissance of web applications.
Avatar for DC7499 defcon
0
300
Dmitry Volkov - Private messengers: without pain??
Avatar for DC7499 defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
Avatar for DC7499 defcon
2
220
Sergey Belov - Another side of Bug Bounty programs
Avatar for DC7499 defcon
0
310
Dmitry Sklyarov - Intel ME: Flash file system explained
Avatar for DC7499 defcon
0
540
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
Avatar for DC7499 defcon
0
630
Sergey Golovanov - Indecent Response 2018
Avatar for DC7499 defcon
0
550

Other Decks in Research

See All in Research
[Devfest Incheon 2025] 모두를 위한 친절한 언어모델(LLM) 학습 가이드
Avatar for Beomi beomi
2
970
AIスパコン「さくらONE」の
オブザーバビリティ / Observability for AI Supercomputer SAKURAONE
Avatar for Yuuki Tsubouchi (yuuk1) yuukit
2
980
第二言語習得研究における 明示的・暗示的知識の再検討:この分類は何に役に立つか,何に役に立たないか
Avatar for Yu Tamura tam07pb915
0
400
SNLP2025:Can Language Models Reason about Individualistic Human Values and Preferences?
Avatar for Yuki Zenimoto yukizenimoto
0
220
大学見本市2025 JSTさきがけ事業セミナー「顔の見えないセンシング技術:多様なセンサにもとづく個人情報に配慮した人物状態推定」
Avatar for Mariko Isogawa miso2024
0
190
[論文紹介] Intuitive Fine-Tuning
Avatar for Ryokan RI ryou0634
0
150
単施設でできる臨床研究の考え方
Avatar for Shuntaro Sato shuntaros
0
3.3k
AIグラフィックデザインの進化:断片から統合(One Piece)へ / From Fragment to One Piece: A Survey on AI-Driven Graphic Design
Avatar for Shunsuke KITADA shunk031
0
570
【輪講資料】Moshi: a speech-text foundation model
for real-time dialogue
Avatar for Hayato Tsukagoshi hpprc
3
820
長期・短期メモリを活用したエージェントの個別最適化
Avatar for AITC - DENTSU SOKEN isidaitc
0
330
LLM-jp-3 and beyond: Training Large Language Models
Avatar for Yusuke Oda odashi
1
690
Vision and LanguageからのEmbodied AIとAI for Science
Avatar for Yoshitaka Ushiku yushiku
PRO
1
600

Featured

See All Featured
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
303
21k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
36
6.2k
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
28
2.4k
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
246
12k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
355
21k
Unsuck your backbone
Avatar for Amy Palamountain ammeep
671
58k
KATA
Avatar for Megan Lloyd mclloyd
PRO
32
15k
Faster Mobile Websites
Avatar for Dean Hume deanohume
310
31k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
73
5k
How STYLIGHT went responsive
Avatar for nonsquared nonsquared
100
6k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.8k
The Web Performance Landscape in 2024 [PerfNow 2024]
Avatar for Tammy Everts tammyeverts
12
970

Transcript

  1. @_Saplt

  2. MitM

  3. • Введение (история появления атаки) • Цель проведения атаки Человек

    по середине • Виды атак (пассивны/активный) • Инструменты • Полученные результаты
  4. None
  5. None

  6. PWN ‘em all

  7. Пассивный сбор данных

  8. None

  9. Активный перехват

  10. • ARP spoofing (полудуплекс) • ARP poisoning (полный дуплекс) •

    ICMP перенаправление • IP spoofing • DHCP spoofing,поддельный IPv6 DHCP • WPAD MitM, MDNS, LLMNR (APIPA) • BPDU(STP) Spoofing • DNS spoofing • Evil WiFi AP (Зараженные точки доступа WiFI)

  11. ARP таблица

  12. ARP spoofing

  13. ARP poisoning

  14. ICMP перенаправление

  15. IP spoofing

  16. поддельный IPv6 DHCP работает в сетях с IPv6

  17. Атака на WPAD MitM, MDNS, LLMNR (APIPA)

  18. BPDU(STP) Spoofing работает в сетях с IPv6

  19. BPDU(STP) Spoofing конечный результат

  20. DNS spoofing

  21. Поддельная WiFi сеть