I wrote an example of a *very* basic, ‘El-Cheapo’ man-in-the-middle attack that leverages the Python socket library to ‘eavesdrop’ on a series of message transmissions between a ‘legitimate server’ VM and its associated ‘client’ VM. The ‘legitimate’ messages are just basic text messages and a message sequence number.
Basically, the attacking VM, called ‘Evil Server’, spins up a Python socket receive thread that ‘hoovers in’ any traffic destined for a predetermined UDP port number and then displays those messages (i.e., the messages sent by the ‘legitimate’ server that were intended only for the client).
Evil Server then spins up a send thread that broadcasts an ‘Evil Server message’ in an infinite loop, so those messages get injected in among the legitimate messages being sent by the legitimate server.
I put delays into the Evil Server broadcasts so that you can see the intermingled messages that hit the client – otherwise Evil Server could also be used as a simple denial of service tool that would swamp both the client and the server as well.
I posted a 5-minute demo video and a ppt deck that explains the environment – the box link is below.
Comments welcome.
https://www.dropbox.com/sh/myuz5kmq8llgogy/AABGN4yYKRJSn86dlkq4ziCXa?dl=0
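
The injection described above works because the client accepts any datagram that arrives on the port. The following is an added example, not code from the demo or the deck: a client-side check that drops unauthenticated or replayed datagrams. The pre-shared key, the wire format (4-byte sequence number, text, HMAC-SHA256 tag) and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # assumption: shared out of band by server and client
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes


def pack(seq: int, text: str, key: bytes = KEY) -> bytes:
    """Build the bytes the legitimate server would pass to sendto()."""
    body = struct.pack("!I", seq) + text.encode("utf-8")
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Client-side filter applied to every datagram returned by recvfrom()."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_seq = -1

    def accept(self, datagram: bytes):
        """Return (seq, text) for an authentic, fresh datagram, else None."""
        if len(datagram) < 4 + TAG_LEN:
            return None
        body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time comparison
            return None                             # sender does not hold the key
        (seq,) = struct.unpack("!I", body[:4])
        if seq <= self.last_seq:
            return None                             # replay of a captured datagram
        self.last_seq = seq
        return seq, body[4:].decode("utf-8", errors="replace")


def demo():
    """Run a constructed stream through the filter: legit, injected, legit, replay."""
    rx = Receiver()
    m1, m2 = pack(1, "legit message"), pack(2, "legit message")
    # Constructed injected datagram: right layout, but no valid tag without the key.
    injected = struct.pack("!I", 3) + b"Evil Server message" + b"\x00" * TAG_LEN
    return [rx.accept(d) for d in (m1, injected, m2, m1)]


if __name__ == "__main__":
    print(demo())
```

The tag only addresses the injected messages; the text still travels in the clear, so the eavesdropping half of the demo needs encryption on top of this.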