EH-03-P1: MITM Attacks

Question 1

What is the third step of an On-Path execution

Answer 1

Potentially sensitive information about a client is collected as the communication continues

Question 2

Victims having no idea their communication is being intercepted is which step of the On-Path execution step

Answer 2

Step 2

Question 3

What is the first step of an On-Path execution

Answer 3

An attacking machine places itself between computers communicating with each other

Question 4

What is the DNS poisoning process?

Answer 4

• configuring host files
• capturing victim’s DNS request
• Redirect the victim to a target IP
• use ARP poisoning to position the machine in the middle

Question 5

What is the ARP Poisoning Process?

Answer 5

• Exploits lack of ARP packet validation
• Forges ARP request packets
• Requests are sent as if by the victim
• Updates ARP tables in the network’s nodes

Question 6

What is Bettercap

Answer 6

• Bettercap is a tool used for On-Path attacks.
• Can initiate ARP poisoning and DNS spoofing
• Sends false DNS responses to the victim

Question 7

set

Answer 7

specifies the required parameters

Question 8

arp.spoof.target

Answer 8

specifies the target IP

Question 9

arp.spoof

Answer 9

specifies ARP spoofing actions

Question 10

dns.spoof.domains

Answer 10

specifies website domains to be spoofed

Question 11

dns.spoof.address

Answer 11

specifies IP addresses for redirection

Question 12

What is SSL Stripping

Answer 12

• downgrades HTTPS to HTTP

- provides plain text view of data