Lab.02 Information Security

October 5, 2022October 5, 2022 Anca-Maria NicaAnca-Maria Nica 0 Comments 3:58 am

Impersonation and man-in-the-middle attacks (1)

  1. Attacks (see the slide 9 from the first lecture)
    – outsider / insider
    – passive / active
    – coalition
  2. Concepts (see the slides from the second lecture):
    – secret key
    – public key
    – nonce
  3. Impersonation and MITM attacks
  4. Proxy servers and VPN (see the video)
  5. mitmproxy on Kali linux (see the documentation)
    Commands – some examples:

    1. clear (CTRL + L)
    2. mitmproxy –h (help)
    3. q and Q( end session)
    4. curl (client URL – for sending and receiving data from the server)
      1. curl site
      2. curl file site (the page will be saved in the file)
      3. curl site -I (capital i)
      4. curl – -proxy [protocol://]host[:port] <target>
      5. curl – -proxy http://localhost:8080 site
    5. interception using mitmproxy (http://wttr.in/city )
      1. i (intercepts and stops the response)
      2. ‘~u [regulate expression]’
      3. [client’s request]
      4. [open the red text]
      5. e
      6. path
      7. [change the request’s path]
      8. Esc
      9. q
      10. a (sends the modified response)
  6. MITM attacks with mitmproxy
  • Project 2 (3 students)
    Proxy servers and their role in security and privacy.
  • Profect 3 (3 students)
    Cryprographic protocols secure against MITM attacks.
Tags: , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

en English
ar Arabiczh-CN Chinese (Simplified)nl Dutchen Englishfr Frenchde Germanel Greekiw Hebrewhi Hindiit Italianko Koreanpt Portuguesero Romanianru Russiansr Serbianes Spanish