What is MITM Attack?

What is the MITM Attack?

Are you really sure about that is no one is watching you. Is someone can read your messages anonymously? Is someone checks your private videos or something else? The Answer is Yes you have been watching and today, I will tell you about one of the methods that hackers can steal your personal files or data.

 

Hello guys, in this post I will try to Explain to you about Man-In-The-Middle Attack. How Hackers perform this attack? And How they

 

What Is a Man-in-the-Middle Attack?

A man-in-the-middle attack is a type of cyberattack where a malicious actor inserts him/herself into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. A man-in-the-middle attack allows a malicious actor to intercept, send and receive data meant for someone else, or not meant to be sent at all, without either outside party knowing until it is too late. Man-in-the-middle attacks can be abbreviated in many ways, including MITM, MitM, MiM, or MIM.

 

Example

Suppose Neha wishes to communicate with Ram. Meanwhile, Sohan wishes to intercept the conversation to eavesdrop and optionally to deliver a false message to Ram.

 

First, Neha asks Ram for his public key. If Ram sends his public key to Neha, but Sohan is able to intercept it, an MITM attack can begin. Sohan sends Neha a forged message that appears to originate from Ram but instead includes Sohan's public key.

 

Neha, believing this public key to be Ram's, encrypts her message with Sohan's key and sends the enciphered message back to Ram. Sohan again intercepts, deciphers the message using her private key, possibly alters it if she wants, and re-enciphers it using the public key she intercepted from Ram when he originally tried to send it to Neha. When Ram receives the newly enciphered message, he believes it came from Neha.

 

Neha sends a message to Ram, which is intercepted by Sohan:

     Neha "Hi Ram, it's Neha. Give me your key." →     Sohan     Ram

Sohan relays this message to Ram; Ram cannot tell it is not really from Neha:

     Neha     Sohan "Hi Ram, it's Neha. Give me your key." →     Ram

Ram responds with his encryption key:

     Neha     Sohan     ← [Ram's key] Ram

Sohan replaces Ram's key with her own, and relays this to Neha, claiming that it is Ram's key:

     Neha     ← [Sohan's key] Sohan     Ram

Neha encrypts a message with what she believes to be Ram's key, thinking that only Ram can read it:

     Neha "Meet me at the bus stop!" [encrypted with Sohan's key] →     Sohan     Ram

However, because it was actually encrypted with Sohan's key, Sohan can decrypt it, read it, modify it (if desired), re-encrypt with Ram's key, and forward it to Ram:

     Neha     Sohan "Meet me at the van down by the river!" [encrypted with Ram's key] →     Ram

Ram thinks that this message is a secure communication from Neha.

This example shows the need for Neha and Ram to have some way to ensure that they are truly each using each other's public keys, rather than the public key of an attacker. Otherwise, such attacks are generally possible, in principle, against any message sent using public-key technology. A variety of techniques can help defend against MITM attacks.

 

Types of Man-in-the-Middle Attacks

Email Hijacking – attackers gain access to a user’s email account and watch transactions to and from the account. When the time is right, for instance the user is exchanging funds with another party, the attacker takes advantage of the situation by attempting to intercept the funds by spoofing one or all members of the conversation.

 

Wi-Fi Eavesdropping – a passive way to deploy MITM attacks, Wi-Fi eavesdropping involves cyber hackers setting up public Wi-Fi connections, typically with an unsuspecting name, and gain access to their victims as soon as they connect to the malicious Wi-Fi.

 

Session Hijacking – session hijacking is when an attacker gains access to an online session via a stolen session key or stolen browser cookies.

 

DNS Spoofing – an attacker engages in DNS spoofing by altering a website’s address record within a DNS (domain name server) server. A victim unknowingly visits the fake site and the attacker will attempt to steal their information.

 

IP Spoofing – similar to DNS spoofing, IP Spoofing sees an attacker attempt to divert traffic to a fraudulent website with malicious intent. Instead of spoofing the website’s address record, the attacker disguises an IP (internet protocol) address.

     Here are some tools which can be used to perform MITM Attack:-

• ArpSpoofing
• WebSploit
• WireShark
• John the Ripper
• Hydra, and so on

  

I hope you guys like my post. You can also, join us on Youtube and Facebook.

Here is the YouTube Channel Like  :-  Youtube

Here is the Facebook Page Link  :-   Facebook

Thank You!