I had mentioned that I sent an email out to the Offensive Security team for some background information on Kali Linux. I’ve developed a small relationship with one of the developers, MUTS, who pointed me to an older site where BackTrack used to be hosted. I’ve been using the Wayback Machine at archive.org to do some timeline searching on the history of Kali/BackTrack. This process was quite tedious and took me much longer than expected. I had to read through many different pages that were archived at different times. That said, I’m very happy with the accurate information I was able to retrieve. I also developed a pretty good, in my opinion, graphic timeline of the project history. Please see my draft research for a draft.
During my research I was surprised that MUTS was the original developer of BackTrack and posted most of the updates. During my email exchanges MUTS also expressed interest in reviewing my final project once complete. I look forward to his input at the end of the semester.
I have executed a Proof of Concept (PoC) on capturing login credentials for Facebook. However, due to TLS encryption I was not able to capture the session cookies using Wireshark. As we discussed during our last meeting, this was to be expected. With a little research I used a tool called sslstrip while placing myself as a Man in the Middle (MitM). The sslstrip program intercepts the TLS connection and converts the traffic to straight HTTP traffic. Websites that do not force a pure SSL connection can fall victim to such an attack. (Note: Walsh College’s online courses are fully protected and do NOT succumb to the attack.)
I have now split my attack into two separate attack vectors: the above-listed attack, and one that attempts to capture session cookies using Wireshark. I have noted that my project website does not use TLS/SSL to protect the login process. My goal is to demonstrate that my own website can fall victim to a MitM attack. I have NOT executed a PoC on this attack as of yet.
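The two paragraphs above turn on one question: does a site "force a pure SSL connection" for its login, or can a browser be left on plain HTTP where credentials and session cookies travel in the clear? The following is added example code (not part of this post or any tool it mentions) that audits a site's responses for the three defences that decide this: an HTTP-to-HTTPS redirect, an HSTS header so the browser never retries plain HTTP, and Secure/HttpOnly flags on the session cookie. The response samples are constructed for illustration; the cookie name PHPSESSID and host example.test are assumptions.

```python
# Added example, not code from the original post. Responses are modelled as
# (status, [(header, value), ...]); all samples below are constructed.
from typing import List, Tuple

Headers = List[Tuple[str, str]]

def header_values(headers: Headers, name: str) -> List[str]:
    """All values of one header, matched case-insensitively."""
    return [v for k, v in headers if k.lower() == name.lower()]

def hsts_max_age(value: str) -> int:
    """Parse max-age from a Strict-Transport-Security header; 0 if absent."""
    for directive in value.split(";"):
        key, _, val = directive.strip().partition("=")
        val = val.strip().strip('"')
        if key.strip().lower() == "max-age" and val.isdigit():
            return int(val)
    return 0

def cookie_findings(set_cookie: str) -> List[str]:
    """Flag a cookie that a browser would still send over plaintext HTTP."""
    parts = [p.strip() for p in set_cookie.split(";")]
    name = parts[0].partition("=")[0]
    attrs = {p.lower() for p in parts[1:]}
    out = []
    if "secure" not in attrs:
        out.append(f"cookie {name} lacks Secure: sent over plain HTTP too")
    if "httponly" not in attrs:
        out.append(f"cookie {name} lacks HttpOnly")
    return out

def audit(http_status: int, http_headers: Headers, https_headers: Headers) -> List[str]:
    """Empty list means the login is forced onto TLS and pinned there with HSTS."""
    findings = []
    loc = header_values(http_headers, "Location")
    if http_status not in (301, 302, 307, 308) or not loc or not loc[0].lower().startswith("https://"):
        findings.append("plain HTTP is served without redirecting to https://")
    hsts = header_values(https_headers, "Strict-Transport-Security")
    if not hsts or hsts_max_age(hsts[0]) < 31536000:  # one year is a common minimum
        findings.append("missing or short-lived Strict-Transport-Security header")
    for sc in header_values(https_headers, "Set-Cookie"):
        findings.extend(cookie_findings(sc))
    return findings

# Constructed samples: a login with no TLS at all (the plaintext response stands in
# for the missing HTTPS one) versus a hardened configuration.
WEAK = audit(200, [("Content-Type", "text/html")], [("Set-Cookie", "PHPSESSID=abc123; Path=/")])
HARDENED = audit(301, [("Location", "https://example.test/login")],
                 [("Strict-Transport-Security", "max-age=63072000; includeSubDomains"),
                  ("Set-Cookie", "PHPSESSID=abc123; Path=/; Secure; HttpOnly")])
```

The WEAK sample yields four findings (no redirect, no HSTS, cookie without Secure, cookie without HttpOnly); the HARDENED sample yields none.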
Combining all three research areas, I would estimate that I am about 75% complete in the composition. I have also developed the outline for my attack preparation and execution pages. With the current research and the successful proof of concept I am very excited to work through the rest of my project.
- Create How-To outline
- Develop Proof of Concept (PoC)
- Draft history/research pages
- Research draft; Raspberry Pi, Wireshark, Kali Linux
- Finish history/research pages
- Publish draft research pages on website
- Create How-To – Preparing the attack – draft