Evil twin and man-in-the-middle attack II

Abstract

Man-in-the-middle attacks are not a new concept. However, they were not viewed as a serious threat until recent years where sophisticated versions of such attacks sent the financial industry into a flurry, introducing new initiatives such as new bank tokens to counter the onslaught of such attacks.

This project aims to design and execute proof of concept Man-in-the-middle attacks using free ware available over the Internet to showcase inherent vulnerabilities in WI-FI networks that can be exploited. Through these experiments, it can be shown that careless users and users that are less aware of security issues of the Internet can be compromised through such exploits.

In this project, a Man-in-the-middle machine is set up in between a legitimate access point and victim devices and the communication streams between them were monitored and analysed for sensitive information like passwords and login information. Contrary to popular belief that HTTPS communications are secure, part one of this project focuses on proving that HTTPS connections can be compromised, by targeting the transition from HTTP to HTTPS. Part two of the project showcases the possibility of a driveby attack through the use of a phishing website in a Man-in-the-middle setup, whereby an illegal download is loaded onto a victim machine without consent.

The outcomes of the experiments show that Man-in-the-middle attacks are still relevant and can be easily propagated in today’s society. It also gives a brief glimpse into modern web browsers’ defense mechanism, especially on mobile devices, where security features are small and easily forgotten by careless users.

Even though Man-in-the-middle attacks are devastating, a silver lining remains. It is possible to mitigate the dire consequences these threats cause through educating the public to be more aware of web security.