Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Mikhail Elizarov - MITM
Search
DC7499
July 03, 2015
Research
0
91
Mikhail Elizarov - MITM
DEFCON Moscow 9
DC7499
July 03, 2015
Tweet
Share
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
560
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
290
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
310
Dmitry Volkov - Private messengers: without pain??
defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
220
Sergey Belov - Another side of Bug Bounty programs
defcon
0
320
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
550
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
650
Sergey Golovanov - Indecent Response 2018
defcon
0
560
Other Decks in Research
See All in Research
[IBIS 2025] 深層基盤モデルのための強化学習 驚きから理論にもとづく納得へ
akifumi_wachi
19
9.5k
Sat2City:3D City Generation from A Single Satellite Image with Cascaded Latent Diffusion
satai
4
660
音声感情認識技術の進展と展望
nagase
0
460
Proposal of an Information Delivery Method for Electronic Paper Signage Using Human Mobility as the Communication Medium / ICCE-Asia 2025
yumulab
0
160
ACL読み会2025: Can Language Models Reason about Individualistic Human Values and Preferences?
yukizenimoto
0
120
データサイエンティストの業務変化
datascientistsociety
PRO
0
220
湯村研究室の紹介2025 / yumulab2025
yumulab
0
300
存立危機事態の再検討
jimboken
0
240
ForestCast: Forecasting Deforestation Risk at Scale with Deep Learning
satai
3
390
自動運転におけるデータ駆動型AIに対する安全性の考え方 / Safety Engineering for Data-Driven AI in Autonomous Driving Systems
ishikawafyu
0
130
SREのためのテレメトリー技術の探究 / Telemetry for SRE
yuukit
13
3k
OWASP KansaiDAY 2025.09_文系OSINTハンズオン
owaspkansai
0
110
Featured
See All Featured
Designing for Performance
lara
610
70k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
240
The Power of CSS Pseudo Elements
geoffreycrofte
80
6.2k
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
signer
PRO
0
3.2k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
AI: The stuff that nobody shows you
jnunemaker
PRO
2
260
Crafting Experiences
bethany
1
49
Primal Persuasion: How to Engage the Brain for Learning That Lasts
tmiket
0
250
How to audit for AI Accessibility on your Front & Back End
davetheseo
0
180
GraphQLの誤解/rethinking-graphql
sonatard
74
11k
Producing Creativity
orderedlist
PRO
348
40k
Leading Effective Engineering Teams in the AI Era
addyosmani
9
1.6k
Transcript
@_Saplt
MitM
• Введение (история появления атаки) • Цель проведения атаки Человек
по середине • Виды атак (пассивны/активный) • Инструменты • Полученные результаты
None
None
PWN ‘em all
Пассивный сбор данных
None
Активный перехват
• ARP spoofing (полудуплекс) • ARP poisoning (полный дуплекс) •
ICMP перенаправление • IP spoofing • DHCP spoofing,поддельный IPv6 DHCP • WPAD MitM, MDNS, LLMNR (APIPA) • BPDU(STP) Spoofing • DNS spoofing • Evil WiFi AP (Зараженные точки доступа WiFI)
ARP таблица
ARP spoofing
ARP poisoning
ICMP перенаправление
IP spoofing
поддельный IPv6 DHCP работает в сетях с IPv6
Атака на WPAD MitM, MDNS, LLMNR (APIPA)
BPDU(STP) Spoofing работает в сетях с IPv6
BPDU(STP) Spoofing конечный результат
DNS spoofing
Поддельная WiFi сеть
defcon
akifumi_wachi
.png){kind=avatar}
satai
nagase
yumulab
.jpg){kind=avatar}
yukizenimoto
datascientistsociety
jimboken
ishikawafyu
yuukit
owaspkansai
lara
greggifford
geoffreycrofte
signer
marcelosomers
jnunemaker
bethany
tmiket
davetheseo
sonatard
orderedlist
addyosmani
