Execution

Two types of attack vectors are provided using ARPSpoof to execute the MitM attack.

Wireshark_Logo2

Attack Vector 1 – Wireshark

The first attack vector is a plain text attack leveraging Wireshark to capture, filter, and interpret data sent to and from this WordPress blog.

 

kaliAttack Vector 2 – SSLStrip

The second attack vector targets a weakness in some SSL implementations that allow for the interception of HTTPS request and replacing them with HTTP requests using SSLStrip. In turn, this allows for yet another plain text attack on the data that is being posted to the server by the user.