Download presentation
Presentation is loading. Please wait.
1
Information Networking Security and Assurance Lab National Chung Cheng University dsniff
2
Information Networking Security and Assurance Lab National Chung Cheng University 2 Outline Objective dsniff toolbox How to use them to find out secret
3
Information Networking Security and Assurance Lab National Chung Cheng University 3 Objective Collect the secret information from network
4
Information Networking Security and Assurance Lab National Chung Cheng University 4 Description Is a sniffer like tcpdump, comm viewbut dsniff focus on ID,PW Dsniff is a collection of tools for network
5
Information Networking Security and Assurance Lab National Chung Cheng University 5 Sniffer toolbox Spoofing tools Arpspoof Dnsspoof Macof TCP tools Tcpkill Tcpnice Sniffer tools Dsniff Filesnarf Msgsnarf Sshmitm Urlsnarf Webmitm Webspy
6
Information Networking Security and Assurance Lab National Chung Cheng University 6 Install dsniff Require OS: Gentoo Linux x86 #emerge dsniff http://www.monkey.org/~dugsong/dsniff/
7
Information Networking Security and Assurance Lab National Chung Cheng University 7 Arpspoof ARP (Address Resolution Protocol) IP=>Ethernet MAC Address --Broadcast-- Hey everyone which Ethernet Card has IP 10.0.0.1 --Reply-- I ’ m 10.0.0.1 My MAC address is ….. … … MACPort 00:0E:A6:42:AC:D11 00:40:F4:8B:AC:153 2 00:0E:A6:42:AC:D14
8
Information Networking Security and Assurance Lab National Chung Cheng University 8 Network Environment Note: IP forward must be enable
9
Information Networking Security and Assurance Lab National Chung Cheng University 9 Mike before attack Action ! Arpspoof- action ! Bingo ! Original After attack
10
Information Networking Security and Assurance Lab National Chung Cheng University 10 Dnsspoof DNS runs on UDP protocol Send out a forge query and response
11
Information Networking Security and Assurance Lab National Chung Cheng University 11 Network Environment
12
Information Networking Security and Assurance Lab National Chung Cheng University 12 Dnsspoof Create DNS query file Dnsspoof go! Wow … Our heaven INSA Oh …. Ya …. INSA was dead …
13
Information Networking Security and Assurance Lab National Chung Cheng University 13 Dsniff Password sniffer FTP, telnet, SMTP, POP, HTTP
14
Information Networking Security and Assurance Lab National Chung Cheng University 14 Network Environment
15
Information Networking Security and Assurance Lab National Chung Cheng University 15 Dsniff-catch Mike’s password Setup the “mousetrap” Enjoy password
16
Information Networking Security and Assurance Lab National Chung Cheng University 16 Macof Cause switch act like a hub MAC Port 00:0C:6E:0B:A9:36 1 00:40:F4:8B:AC:15 3 00:0E:A6:42:AC:D1 6 1 K 4 K
17
Information Networking Security and Assurance Lab National Chung Cheng University 17 Network Environment
18
Information Networking Security and Assurance Lab National Chung Cheng University 18 Macof- confuse switch
19
Information Networking Security and Assurance Lab National Chung Cheng University 19 Msgsnarf Instant message sniffer MSN, Yahoo messenger, ICQ, IRC Search specify pattern
20
Information Networking Security and Assurance Lab National Chung Cheng University 20 Network Environment
21
Information Networking Security and Assurance Lab National Chung Cheng University 21 Msgsnarf-get the secret talk
22
Information Networking Security and Assurance Lab National Chung Cheng University 22 Sshmitm SSH monkey-in-the-middle Relay session Capturing SSH password logins Hijacking interactive sessions. Only SSH protocol version 1
23
Information Networking Security and Assurance Lab National Chung Cheng University 23 Network Environment
24
Information Networking Security and Assurance Lab National Chung Cheng University 24 Sshmitm show time Attack1 Roy Mike
25
Information Networking Security and Assurance Lab National Chung Cheng University 25 Tcpkill Kill a TCP connection by spoofing a RST packet
26
Information Networking Security and Assurance Lab National Chung Cheng University 26 Network Environment
27
Information Networking Security and Assurance Lab National Chung Cheng University 27 Tcpkill- Jei kill Roy Victim1 Mike: 接好 !! 最高機密 !! Roy: 小心隔牆有耳 !! Jei: 又排擠我! 搞破壞 !! ftp.ccu.edu.tw Attacker 暗自竊喜 … 看我的... 哇哈哈哈.. 為民除害 怎麼了? 怎麼了?嗚嗚 … 躲在牆後面 - ( 偷笑中 …)
28
Information Networking Security and Assurance Lab National Chung Cheng University 28 Tcpnice Slow down the connection speed Change the window size 1 20 Win 160 Win 8
29
Information Networking Security and Assurance Lab National Chung Cheng University 29 Network Environment
30
Information Networking Security and Assurance Lab National Chung Cheng University 30 Tcpnice Normal speed No any tcpnice Tcpnice enable After a moment… Slower … 1 MB->464kB
31
Information Networking Security and Assurance Lab National Chung Cheng University 31 Urlsnarf Grab any URLs from HTTP traffic
32
Information Networking Security and Assurance Lab National Chung Cheng University 32 Network Environment
33
Information Networking Security and Assurance Lab National Chung Cheng University 33 Urlsnarf
34
Information Networking Security and Assurance Lab National Chung Cheng University 34 Webspy Sniff the victim’s web traffic and connect to
35
Information Networking Security and Assurance Lab National Chung Cheng University 35 Network Environment
36
Information Networking Security and Assurance Lab National Chung Cheng University 36 Webspy- interact with you Need netscape
37
Information Networking Security and Assurance Lab National Chung Cheng University 37 特別鳴謝 --- 友情客串 --- Mike 莊明霓飾 Jei 廖威捷飾 --- 場地 --- insafs.comm.ccu.edu.tw bbs.ccu.edu.tw insa test-bed 140.123.113.77 --- 道具 --- INSA Lab. --- 特別贊助 --- Microsoft IBM Netscreen.. ( 太多了 由衷感謝 ) --- 執行製作 --- Roy --- 導演 --- Roy =THE END=
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.