man in the middle attack

atul_mehrotra · 09-22-2004, 04:25 AM

hii people ....
Can any body help me in creating "Man in the middle attack " on unix platform....
i m interested in complete algo & explanation of each and every aspect of how to create such attack....
bye....

AAnarchYY · 09-22-2004, 04:34 AM

heh, think you can elaborate a little on this?

atul_mehrotra · 09-22-2004, 04:39 AM

hii..
this is a sort of attack made on networks where a particular machine starts acting as a middle man n every request to the server is passed thru this machine..
it is a sort of spying activity...here v can trap the information passed to the server if i m the middle man..

AAnarchYY · 09-22-2004, 04:44 AM

sounds like your looking for arp poisoning, ettercap does that

hopes he made the right descision

atul_mehrotra · 09-22-2004, 04:49 AM

thanx for immidiate reply man..
but i can u explain a bit abt ettercap....
i wanna know that how can i use it as in my lan i had server which has this version of LINUX...
"Red Hat Linux release 8.0 (Psyche)
Kernel 2.4.18-14smp on an i686"

AAnarchYY · 09-22-2004, 04:51 AM

well open it up and tinker around in it first, thats how i learned it, and i dont know how the newer version works because i dont use it(they changed the ncurses display and it sucks now, and the gtk one crashes too much and is a pain to work with)

atul_mehrotra · 09-22-2004, 04:54 AM

hey just tell me does it requires permissions of "super user" to use it

AAnarchYY · 09-22-2004, 04:57 AM

Certianly does.

atul_mehrotra · 09-22-2004, 05:03 AM

Sorry man i dont have superuser permission of the said server...
can i still use ettercap....

AAnarchYY · 09-22-2004, 05:09 AM

No, you can't. Not unless your network administrator gives you raw access to opening/closing/spoofing ports.

Marius2 · 09-22-2004, 08:32 AM

Quote:

Originally posted by atul_mehrotra
hii people ....
Can any body help me in creating "Man in the middle attack " on unix platform....
i m interested in complete algo & explanation of each and every aspect of how to create such attack....
bye....

There is no algorithm for "man in the middle" attack, since it's just
a principle, a design. Meaning: You have one (or a multitude of) sender and
one (or a multitude of) which are communication by whatever means, and
"man in the middle" is connecting inbetween them by opening up their
means of communication and listening on what is exchanged through it.
If you have access to sender or receiver, you might develop a software
layer which hooks into their communication and makes it visible and there-
fore readable to you.
If you don't, then you will need a third machine which is connected to the
same network. You will have to switch the connected network adapter
to promiscous mode, which will make it read anything that is sent through
your network, and well, read it and take the appropriate steps.
Ethereal for example is working this way.

XavierP · 09-22-2004, 10:52 AM

Could you clarify, please. You are a user on a network, the network admin doesn't know you or doesn't want to give you superuser access and you want to know how to attack a server on your network. Hmm, when you look at it that way, it appears that you want to attack the network. Maybe that's why you don't have root on the network?

Or am I reading you wrong? Take a look at the Rules of LQ - it looks as though you want us to help you break at least one of them.

crabboy · 09-22-2004, 11:48 AM

LQ is not a full disclosure site and will not be used to share/discuss exploits to linux or any other systems.

http://www.linuxquestions.org/rules.php

Closing thread.