Questions tagged [man-in-the-middle]

An attacker who interposes himself in the middle of a connection.

An attacker who interposes himself between a client and a server. He can perpetrate both passive (eavesdropping) and active (interjection or truncation) attacks. Secure protocols such as HTTPS can guard against these attacks when correctly implemented at all layers including the application layer.

206 questions

704 votes, 31 answers

ssh remote host identification has changed

I've reinstalled my server and I am getting these messages: [user@hostname ~]$ ssh root@pong @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! …
Filip Dobrovolný

95 votes, 5 answers

SSL and man-in-the-middle misunderstanding

I've read tons of documentation related to this problem but I still can't get all the pieces together, so I'd like to ask a couple of questions. First of all I'll describe briefly the authentication procedure as I understand it, as I may be…
Vadim Chekry

25 votes, 6 answers

Capturing HTTPS traffic in the clear?

I've got a local application (which I didn't write, and can't change) that talks to a remote web service. It uses HTTPS, and I'd like to see what's in the traffic. Is there any way I can do this? I'd prefer a Windows system, but I'm happy to set up…
Roger Lipscombe

19 votes, 4 answers

How does this Man-In-The-Middle attack work?

The Django documentation on its CSRF protection states that: In addition, for HTTPS requests, strict referer checking is done by CsrfViewMiddleware. This is necessary to address a Man-In-The-Middle attack that is possible under HTTPS when …
Enno Shioji

13 votes, 6 answers

Man in the Middle (MITM) proxy with HTTPS support

We seem to be going round in circles a bit at the moment. We are looking for a simple, lightweight, preferably Ruby-based proxy that enables us to do the following. Proxy HTTPS requests between a browser and a web app, e.g. GMail. Intercept and modify…
carlskii

11 votes, 2 answers

Is man-in-the-middle attack a security threat during SSH authentication using keys?

I am no expert in network security, so pardon if this question is not very smart :). I am automating logins to some machines using ssh. I am currently avoiding host-key warnings using StrictHostKeyChecking no. I naively understand that someone can…
JP19

11 votes, 1 answer

Man in the middle attack with scapy

I'm trying to do a man in the middle attack with scapy on a test network. My setup is like this: Now that you get the idea, here's the code: from scapy.all import * import multiprocessing import time class MITM: packets=[] def…
prongs

9 votes, 1 answer

Detect Man In The Middle From An Application

I did an interesting experiment today. I opened Amazon.com in my browser, logged in, brought up Fiddler, and tried to add a brand new credit card. I typed in my credit card number, expiration, and card holder name. When I submitted the request I…
duffymo

7 votes, 2 answers

How does challenge-response protocol help against man-in-the-middle attacks?

How does challenge-response authentication prevent man-in-the-middle attacks? I read the wiki article but still I cannot understand.

7 votes, 2 answers

How to proxy gRPC calls

I'm trying to analyse what information an app is sending, so I set up Charles, but to my surprise nothing was logged out. After decompiling the app I see that it doesn't use simple REST calls but rather a library called gRPC. Is there a good tool out…
Paulus2

6 votes, 5 answers

Man in Middle attack - Can such an attack occur if symmetric keys are used?

If we consider a man-in-the-middle attack, can such an attack occur if symmetric keys are used?
CGF

6 votes, 1 answer

Certificate pinning in Ajax calls

I believe I already know the answer to this but I wanted to see if anyone had more insight into this problem. I have done certificate pinning in Android and iOS applications to make them more secure against man in the middle attacks. I am curious,…
Bobbake4

6 votes, 4 answers

debugging https from android emulator

I have an Android (4.2) app that uses HTTPS to talk to the web service. I want to debug/log every HTTPS call that goes out. I have Fiddler and Wireshark to debug them, but everything looks encrypted. Can a man-in-middle attack be set up with emulator…
Vijay Veeraraghavan

5 votes, 1 answer

LittleProxy-mitm will not relay HTTPS properly

I'm trying to perform a man-in-the-middle attack on an HTTPS connection by relaying all traffic and picking out certain traffic to modify. I looked into LittleProxy-mitm as well as LittleProxy and these projects look very promising. I followed the…
BullyWiiPlaza

5 votes, 1 answer

Why doesn't SSH use the interlock protocol?

It seems that the SSH designers cared a great deal about man-in-the-middle attacks. Their approach was to save the server's public key fingerprint the first time you connect to the server (and hope that the user doesn't connect from a poisoned…
Elazar Leibovich