Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Mikhail Elizarov - MITM
Search
DC7499
July 03, 2015
Research
0
88
Mikhail Elizarov - MITM
DEFCON Moscow 9
DC7499
July 03, 2015
Tweet
Share
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
540
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
270
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
290
Dmitry Volkov - Private messengers: without pain??
defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
210
Sergey Belov - Another side of Bug Bounty programs
defcon
0
300
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
520
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
610
Sergey Golovanov - Indecent Response 2018
defcon
0
530
Other Decks in Research
See All in Research
一人称視点映像解析の最先端(MIRU2025 チュートリアル)
takumayagi
6
3.5k
[輪講] SigLIP 2: Multilingual Vision-Language Encoders with Improved Semantic Understanding, Localization, and Dense Features
nk35jk
2
990
なめらかなシステムと運用維持の終わらぬ未来 / dicomo2025_coherently_fittable_system
monochromegane
0
2.8k
Time to Cash: The Full Stack Breakdown of Modern ATM Attacks
ratatata
0
130
EcoWikiRS: Learning Ecological Representation of Satellite Images from Weak Supervision with Species Observation and Wikipedia
satai
3
130
20250605_新交通システム推進議連_熊本都市圏「車1割削減、渋滞半減、公共交通2倍」から考える地方都市交通政策
trafficbrain
0
770
数理最適化に基づく制御
mickey_kubo
6
730
AIによる画像認識技術の進化 -25年の技術変遷を振り返る-
hf149
7
4k
Adaptive Experimental Design for Efficient Average Treatment Effect Estimation and Treatment Choice
masakat0
0
110
投資戦略202508
pw
0
560
最適化と機械学習による問題解決
mickey_kubo
0
170
Cross-Media Information Spaces and Architectures
signer
PRO
0
240
Featured
See All Featured
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
285
13k
For a Future-Friendly Web
brad_frost
180
9.9k
A designer walks into a library…
pauljervisheath
207
24k
Building a Modern Day E-commerce SEO Strategy
aleyda
43
7.6k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
126
53k
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.5k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
9
810
Facilitating Awesome Meetings
lara
55
6.5k
Balancing Empowerment & Direction
lara
3
620
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
31
2.2k
What’s in a name? Adding method to the madness
productmarketing
PRO
23
3.7k
How STYLIGHT went responsive
nonsquared
100
5.8k
Transcript
@_Saplt
MitM
• Введение (история появления атаки) • Цель проведения атаки Человек
по середине • Виды атак (пассивны/активный) • Инструменты • Полученные результаты
None
None
PWN ‘em all
Пассивный сбор данных
None
Активный перехват
• ARP spoofing (полудуплекс) • ARP poisoning (полный дуплекс) •
ICMP перенаправление • IP spoofing • DHCP spoofing,поддельный IPv6 DHCP • WPAD MitM, MDNS, LLMNR (APIPA) • BPDU(STP) Spoofing • DNS spoofing • Evil WiFi AP (Зараженные точки доступа WiFI)
ARP таблица
ARP spoofing
ARP poisoning
ICMP перенаправление
IP spoofing
поддельный IPv6 DHCP работает в сетях с IPv6
Атака на WPAD MitM, MDNS, LLMNR (APIPA)
BPDU(STP) Spoofing работает в сетях с IPv6
BPDU(STP) Spoofing конечный результат
DNS spoofing
Поддельная WiFi сеть