Questions tagged [man-in-the-middle]
A man-in-the-middle attack (MiTM) is an attack against a communication protocol where the attacker relays and modifies messages in transit. The parties believe they are talking to each other directly, but in fact both are talking to each other via the attacker in the middle.
1,387 questions
1 vote | 1 answer | 121 views
Are there any techniques that would compromise private DNS by checking connections in reverse currently
I'm a new user. I know some things about computer systems.
I have a secure Domain Name System resolver server connection set up on this tablet device, a DNS over HTTPS connection - but I use a shared ...
1 vote | 1 answer | 109 views
Intercepting and manipulating via MITM but with generic TLS traffic, not https. And with Android as a target
I’m trying to intercept TLS traffic on port 8443 between an Android app and an IPcam (8443 is the webcam’s port) on my LAN, on-the-fly (like Burp Suite does with HTTP(S)). Protocol in 8443 is not HTTPS....
0 votes | 1 answer | 72 views
Mutual authentication with symmetric challenge-response protocol ap4.0
The challenge-response protocol ap4.0 is defined like the following:
Goal: avoid replay attack
Nonce: number R used only once (during the lifetime of the key/pw/...)
Protocol ap4.0: to prove Alice &...
1 vote | 0 answers | 57 views
ettercap-text-only ARP Poisoning Works in Docker Environment with three containers but No Packets Are Sniffed
I'm working on a protected Docker-based lab with three containers for educational purposes to run network tools like Ettercap to perform a MITM.
Here's a snippet from my Dockerfile for the attacker ...
0 votes | 2 answers | 171 views
Can I skip verifying server CA in mTLS if I don't need request confidentiality nor response integrity?
Consider this scenario in an HTTPS (m)TLS [*] request:
A trusted client sends a select query (the request) to a read-only database server
The server uses a self-signed certificate, so it is ...
3 votes | 1 answer | 340 views
Can't MITM be performed on U2F during registration?
When a U2F registers for the first time, the device transmits the public key to the server, what exactly prevents an attacker from performing a MITM attack and sending his own public key to the server ...
1 vote | 1 answer | 184 views
Can biometrics be intercepted locally?
Passwords are vulnerable to keyloggers and other man-in-the-middle attacks by malware that's running on the same device. Is this also true for biometrics like fingerprint scanners and Face ID? Seems to ...
2 votes | 0 answers | 389 views
How to capture fully decrypted HTTPS traffic in a transparent proxy setup without TLS key logs?
I am currently working on a home "forensic" lab and I have set up an OPNsense-based transparent proxy (squid) to intercept and analyze HTTPS traffic coming from a Windows 11 client. I can ...
3 votes | 2 answers | 3k views
Is a physical private network directly connected between hosts secure?
Let's consider host A and host B with network interfaces connected directly with an ethernet cable. It can also be assumed that the physical security of this cable is okay.
Neither host supports ...
4 votes | 4 answers | 3k views
Do I need a 2nd layer of encryption through secured site (HTTPS/SSL/TLS)?
For example, if I were to send a post request to a /login route, would that payload already be encrypted if the API URL is HTTPS? As far as I know, if it is in HTTPS, then the payload is already ...
2 votes | 1 answer | 523 views
mitmproxy with WireGuard to log all network traffic on my machine (Arch Linux): SERVFAIL recursive question
I would like to use mitm transparent mode with WireGuard
So I tried this
mitmweb --mode wireguard 0 (3....
2 votes | 1 answer | 379 views
Can a TLS MITM decrypt Apple Airdrop files?
I know that TLS MitM can get HTTP/S traffic decrypted when using certificates.
I'm wondering if it has the ability to decrypt the Apple Airdrop protocol as well as it doesn't go through a server and ...
1 vote | 1 answer | 226 views
Redirect all outgoing http and https requests to Burp using nftables
I'm working on a very limited client (based on Poky from the Yocto Project), on which I want to redirect all http/https requests to my other machine on the same network. I have nftables available on ...
1 vote | 0 answers | 96 views
Identifying user behind a router [closed]
I have a small intranet, in which I have complete control over its deployment. I can even do MiTM, packet inspection/injection etc.
There is a router and then there are 5 users behind the router.
The ...
1 vote | 0 answers | 118 views
MITM/MTM - Vague Acronym Meanings in Cyber Security [closed]
As I learn more about cyber security, I'm seeing a greater number of ambiguous acronyms (within the same field of cyber security) for various attacks. I was confused when reading articles that refer ...