cs393lab5

cs393lab5 - CS 393 Lab 5 Zhou, HuanXian 0225418 SSL MITM...

CS 393 Lab 5
Zhou, HuanXian 0225418
SSL MITM Attack

1.0 Objective

The Secure Sockets Layer (SSL) is one of the world’s most important forms of commercial encryption. It is the public key system generally employed by e-commerce websites like Amazon, in order to prevent payment details from being intercepted by third parties.

The tool – called ‘SSL strip’ – is based around a man-in-the-middle attack, where the system for redirecting people from the insecure to the secure version of a web page is abused. By acting as a man-in-the-middle, the attacker can compromise any information sent between the user and the supposedly secure webpage.

This kind of vulnerability has always existed with SSL because it is difficult to be certain about where the endpoints of communication lie. Rather than having a secure end-to-end connection between Amazon and you, there might be a secure connection between you and an attacker (who can read everything you do in the clear), and then a second secure connection between the attacker and Amazon.

DO NOT TARGET ANYTHING OUTSIDE OF VLAB. THIS EXERCISE MUST BE PERFORMED WITHIN THE CONFINES OF VLAB LAB.

1.1 SSLStrip Background Information

Before beginning this lab, watch the following presentation from Moxie Marlinspike, the author of SSLStrip:

https://media.blackhat.com/bh-dc-09/video/Marlinspike/blackhat-dc-09-marlinspike-slide.mov

The website for SSLStrip can also be found at:
http://www.thoughtcrime.org/software/sslstrip/

2.0 Perform Man in the Middle Attack

The VLAB is set up so that you have two machines on a common VLAN: a target (client machine) running Windows XP and a second machine running BackTrack 4. Additionally, there is a gateway (router) which connects these machines to a second VLAN, on which resides a web server that will be used in the attack. A depiction of the setup is below:

Make sure to start the nat/dhcp/dns/default gateway box from within VLAB before proceeding.
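The redirect abuse described in the Objective can be seen from the defender's side by comparing a response obtained over a trusted path with the copy the client actually received. The following is an added example, not part of the original lab handout or of SSLStrip; the host name, both sample responses and the function names are constructed for illustration.

```python
import re

HTTPS_URL = re.compile(r"https://[^\s\"'<>]+", re.I)

# Constructed sample: the response as the server sent it (trusted path) ...
TRUSTED = (
    "HTTP/1.1 302 Found\r\n"
    "Location: https://shop.example.test/login\r\n"
    "Content-Type: text/html\r\n\r\n"
    '<a href="https://shop.example.test/login">Sign in</a>'
    '<form action="https://shop.example.test/pay"></form>'
)
# ... and the same response as the client on the shared VLAN received it.
OBSERVED = (
    "HTTP/1.1 302 Found\r\n"
    "Location: http://shop.example.test/login\r\n"
    "Content-Type: text/html\r\n\r\n"
    '<a href="http://shop.example.test/login">Sign in</a>'
    '<form action="http://shop.example.test/pay"></form>'
)

def split_response(raw):
    """Split a raw HTTP response into (lower-cased header dict, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers, body

def find_downgrades(trusted, observed):
    """List https:// references in the trusted copy that the client saw as http://."""
    t_hdr, t_body = split_response(trusted)
    o_hdr, o_body = split_response(observed)
    findings = []
    t_loc, o_loc = t_hdr.get("location", ""), o_hdr.get("location", "")
    if t_loc.lower().startswith("https://") and o_loc.lower() == "http://" + t_loc[8:].lower():
        findings.append(f"redirect downgraded: {t_loc} -> {o_loc}")
    for url in sorted(set(HTTPS_URL.findall(t_body))):
        plain = "http://" + url[8:]
        if url not in o_body and plain in o_body:
            findings.append(f"link downgraded: {url} -> {plain}")
    return findings

if __name__ == "__main__":
    for finding in find_downgrades(TRUSTED, OBSERVED):
        print(finding)
```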

This note was uploaded on 11/02/2010 for the course CS 393 taught by Professor Staff during the Spring '08 term at NYU Poly.
