Documente Academic
Documente Profesional
Documente Cultură
Hacker
MITM - Sniffing Data
Hacker
MITM - Modifying Data
Hacker
MITM - Modifying Data
Hacker
Queue
Packet 1
Packet 2
Requests Requests
Packet 3
Packet 4
…..etc
Hacker
Queue
Packet 1
Packet 2
Requests Modify in Requests
Packet 3 python
program
Packet 4
…..etc
Hacker
Queue
Packet 1
Packet 2
Modify in
python Packet 3
Responses program
Responses
Packet 4
…..etc
Hacker
Bing.com web server User
204.79.197.200
facebook.com web server
195.44.2.1
DNS server
Bing.com web server User
204.79.197.200
facebook.com web server
.com
195.44.2.1
bing
DNS server
DNS Records
204.79.197.200
bing.com A
195.44.2.1
facebook.com A
zsecurity.org A 104.27.153.174
……..etc
Bing.com web server User
204.79.197.200
facebook.com web server
195.44.2.1
0
7.20
. 79.19
204
DNS server
204.7
9.197.
200
Bing.com web server User
204.79.197.200
facebook.com web server
195.44.2.1
DNS server
Bing.com web server User
204.79.197.200
facebook.com web server
.com
195.44.2.1
bing
DNS server
Requests
Requests
Bing.com web server Hacker User
204.79.197.200
Responses
facebook.com web server Responses
195.44.2.1
DNS server
bing.com
Bing.com web server
0
7.20
9.19
4.8
20
Hacker web server
10.0.2.16 DNS server
Bing.com web server
Solution:
● Use HTTPS.
● HTTPS is an adaptation of HTTP.
● Encrypt HTTP using TLS (Transport Layer Security) or SSL (Secure Sockets
Layer).
ARP Spoofing
Resources
eg:internet
Victim
ARP Spoofing
Resources
eg:internet
Victim
ARP Spoofing
HTT
PS R
HTTPS Re
esp
ons
es
sponses
Resources
eg:internet
Victim
ARP Spoofing
HTT
PS R Access Point
Hacker equ
ests
HTT
PS R
HTTPS Re
esp
HTTPS Requests
ons
es
sponses
Resources
eg:internet
Victim
ARP Spoofing
HTT
PS R Access Point
Hacker equ
ests
HTT
PS R
HTTPS Re
esp
HTTPS Requests
ons
es
sponses
Resources
eg:internet
Victim
ARP Spoofing With SSLstrip
Resources
eg:internet
Victim
ARP Spoofing With SSLstrip
HTT
PS R
esp
Response
ons
es
Resources
s
eg:internet
Victim
ARP Spoofing With SSLstrip
HTT
PS R
esp
Response
ons
es
Requests
Resources
s
eg:internet
Victim
ARP Spoofing With SSLstrip
HTT
SSLstrip
PS R Access Point
equ
ests
HTT
PS R
esp
Response
ons
es
Requests
Resources
s
eg:internet
Victim
ARP Spoofing With SSLstrip
HTT
SSLstrip
PS R Access Point
equ
ests
HTT
PS R
esp
Response
ons
es
Requests
Resources
s
eg:internet
Victim
Python On Windows
Note: this is a python interpreter not a linux emulator, if your program relies
on Linux commands or operations only available in Linux then the program
will not run properly.
ARPSpoof_Detector