download

Download link

Tuesday, 17 March 2015

Server Side MITM Attack - Proof of Concept

Server Side MITM Attack - Proof of Concept

Hello and Salam to everyone ,


I love to share my ideas and experiments , experience with peoples and today i am sharing the proof of concept on Server side MITM attack yes , i know you have not heard it before right but it is a vulnerability in which attacker can trick the user and can steal the user credentials.

We know that in MITM attack aka Man in the middle attack , attacker steals the user credentials like username and password right ? in many conditions attacker or hacker performs this attack such as in the condition a website is running on HTTP and there is a login form which deals with the important information sent from Client side to server side and attacker which is a third person can steal this because of the HTTP in this state HTTPS must be enforced on the website to avoid the MITM attack.

Now many big organizations running their website just enable HTTPS on their website but the point is they must enforce the HTTPS if they will just enable the HTTP the attacker can open website in both conditions in HTTP and also HTTPS while if attacker opens a website in HTTP he must be redirected to HTTPS as stated it must be enforced on the webpage.
While in another case here comes the Server side MITM attack , yes there are many other websites which are running on HTTPS and also HTTPS are enforced but what if we access the website directly from their IP address ? and what if the website is directly accessiable from the IP ? and also what if there is No HTTPS enabled or enforced on the IP ? yes you got my point.

Let me give you live example :-

lets ping google.com and we will get the ip address " google.com [216.58.209.238] " now we have the ip of the google.com and lets try to open it in browser rather than entering the domain.




google MITM attack


Lel the google is opening directly from its ip address but not a big deal leet , check out again there are not HTTPS enabled or enforced on the ip address and no HTTPS means insecure transaction of data. And in many conditions a user can trick the user into his trap to steal the information through MITM attack. eg cloning the url like click on the that url --> www.google.com or in many other conditions.

So in such state the administrator of the website must consider upon 2 things to avoid this and to make high and end security in which....


  • Redirect the direct ip access to the domain
  • Enable and Enforce HTTPS on the direct IP address


Hope you got the point. Happy Hacking.

No comments:

Post a Comment