Exploit Windows machine using MITM attack
Man-in-the-middle attack
Abbreviated as MITMA, a man-in-the-middle attack is an attack where an attacker gets between the sender and receiver of information and sniffs any information being sent. In some cases, users may be sending unencrypted data, which means the man-in-the-middle (MITM) can read it directly. In other cases, the attacker may be able to capture information but must decrypt it before it can be read. The attacker intercepts some or all traffic coming from the computer, collects the data, and then forwards it to the destination the user was originally intending to visit.
Tools
- Ettercap: performs the MITM attack and redirects all victim traffic to the attacker's web server
- Metasploit: creates the backdoor and provides the meterpreter session
Method
1. Create a fake update web page
2. Create a payload using msfvenom
3. Use a DNS spoofing attack
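From the defender's side, the DNS spoofing step that redirects victims to a web server on the local network leaves traces in DNS responses. The following is an added example, not part of the original page: a small detector run over constructed DNS response records. The log format, the sample addresses and the internal suffix list are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of DNS responses seen by a sensor:
# timestamp  client  dns_txid  query_name  answer_ip
SAMPLE_LOG = """\
1700000000.10 192.168.1.23 0x3a1f update.example.com 192.168.1.66
1700000000.14 192.168.1.23 0x3a1f update.example.com 93.184.216.34
1700000005.00 192.168.1.23 0x77c2 www.example.org 93.184.216.34
1700000009.00 192.168.1.40 0x0b10 printer.corp.lan 192.168.1.9
"""

# Assumption: names under these suffixes are expected to resolve internally.
INTERNAL_SUFFIXES = (".lan", ".local", ".internal")


def parse(log):
    """Turn whitespace-separated log lines into typed records."""
    records = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, client, txid, name, answer = line.split()
        records.append((float(ts), client, txid, name.lower().rstrip("."), answer))
    return records


def detect(records):
    """Return (rule, client, name, detail) tuples for suspicious responses."""
    findings = []
    answers = defaultdict(set)  # (client, txid, name) -> answers already seen
    for _ts, client, txid, name, answer in records:
        # Rule 1: a public-looking name answered with a private address.
        addr = ipaddress.ip_address(answer)
        if addr.is_private and not name.endswith(INTERNAL_SUFFIXES):
            findings.append(("private-answer", client, name, answer))
        # Rule 2: one query (same client and transaction ID) answered twice
        # with different data, i.e. a forged reply racing the real one.
        key = (client, txid, name)
        if answers[key] and answer not in answers[key]:
            detail = ",".join(sorted(answers[key] | {answer}))
            findings.append(("conflicting-answers", client, name, detail))
        answers[key].add(answer)
    return findings


if __name__ == "__main__":
    for finding in detect(parse(SAMPLE_LOG)):
        print(*finding)
```

Split-horizon DNS can legitimately return private addresses for public names, so Rule 1 needs an allowlist tuned to the environment before alerting on it.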
Tutorial
https://www.youtube.com/watch?v=yULD463ps7g