A man-in-the-middle (MITM) attack aims to intercept the communications between two parties without either party suspecting that the channel between them has been compromised.
This is a particular form of IP spoofing. The hacker plays the intermediary between a client and a server: he is the server to the client and the client to the server. He can thus collect confidential information, since he has access to the entire dialogue between the correspondents.
For those of you who have read the article on the fundamentals of IT security, you will understand: this is an attack on the integrity of the data being transmitted, and therefore an attack on the CIA triad (confidentiality, integrity, availability).
Explanation of how the MITM attack works
Man in the Middle is a historic network attack. The principle is to place yourself between two protagonists, often a client and a server, while pretending to be one of them.
In practice, the hacker acts as the server in front of the client and as the client in front of the server. The aim is to read the exchanged data and possibly modify it.
Several steps are necessary to carry out this attack:
First, the diversion of the flow between the client and the server. The most common method is ARP spoofing (covered in more detail in another article), which poisons the victim's ARP table so that its traffic is redirected to the hacker's machine.
Next, sniffing (listening to the traffic), either with simple software such as Wireshark or with a more elaborate tool such as Ettercap.
Finally, the modification of the flow, i.e. the alteration of the data. The tools used vary and depend on the nature of the desired alteration.
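The first step above leaves a trace a defender can watch for: after ARP spoofing, an IP address suddenly resolves to a different MAC, and one MAC ends up claiming both endpoints. The following detector, added here as an example and not part of the original article or of any tool it names, replays a constructed sequence of ARP replies (all addresses are made up) and raises an alert on both symptoms.

```python
"""Detector for the ARP-spoofing step of a MITM attack.

Replays a constructed sequence of ARP replies (as a sniffer such as
Wireshark would capture them) and flags two symptoms of cache poisoning:
an IP address whose MAC changes, and one MAC claiming several IP
addresses at once (the attacker impersonating both endpoints).
"""
from collections import defaultdict

# Constructed sample: (sender_ip, sender_mac) taken from ARP "is-at" replies.
# Addresses are made up; 00:aa:bb:cc:dd:03 plays the attacker in this scenario.
SAMPLE_ARP_REPLIES = [
    ("192.168.1.1", "00:aa:bb:cc:dd:01"),   # gateway announces itself
    ("192.168.1.10", "00:aa:bb:cc:dd:02"),  # client announces itself
    ("192.168.1.1", "00:aa:bb:cc:dd:03"),   # forged: gateway IP, new MAC
    ("192.168.1.10", "00:aa:bb:cc:dd:03"),  # forged: client IP, same MAC
]


def detect_arp_spoofing(replies):
    """Return a list of alert strings for suspicious ARP replies.

    replies: iterable of (ip, mac) tuples in capture order.
    A benign capture (each IP always bound to the same MAC) returns [].
    """
    ip_to_mac = {}                 # last MAC seen for each IP
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed so far
    alerts = []
    for ip, mac in replies:
        mac = mac.lower()          # normalise case so "AA" == "aa"
        previous = ip_to_mac.get(ip)
        if previous is not None and previous != mac:
            alerts.append(f"MAC change for {ip}: {previous} -> {mac}")
        ip_to_mac[ip] = mac
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) > 1:
            claimed = ", ".join(sorted(mac_to_ips[mac]))
            alerts.append(f"{mac} claims multiple IPs: {claimed}")
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_spoofing(SAMPLE_ARP_REPLIES):
        print("ALERT:", alert)
```

On the sample above the third and fourth replies produce three alerts: two MAC changes (gateway and client) and one MAC claiming both IPs, which is exactly the pattern of a hacker sitting between the two.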
As you can imagine, engaging in such activity without permission is prohibited and punishable by law. So do not launch such an attack unless your target has given you written permission.