Attack on SSHv1 using dsniff
9
-
Upload
cynthia-warren -
Category
Documents
-
view
14 -
download
0
description
Attack on SSHv1 using dsniff. By Oleg Kolesnikov [email protected]. Spoofing DNS. Running MITM daemon. User Establishes a Connection. DNS is Spoofed. User is presented with a forged public key. User Enters Password. Attacker gains Full Access to Data and Passwords. - PowerPoint PPT Presentation
Transcript of Attack on SSHv1 using dsniff
![Page 2: Attack on SSHv1 using dsniff](https://reader035.fdocuments.net/reader035/viewer/2022072014/56812e45550346895d93d5bb/html5/thumbnails/2.jpg)
Spoofing DNS
![Page 3: Attack on SSHv1 using dsniff](https://reader035.fdocuments.net/reader035/viewer/2022072014/56812e45550346895d93d5bb/html5/thumbnails/3.jpg)
Running MITM daemon
![Page 4: Attack on SSHv1 using dsniff](https://reader035.fdocuments.net/reader035/viewer/2022072014/56812e45550346895d93d5bb/html5/thumbnails/4.jpg)
User Establishes a Connection
![Page 5: Attack on SSHv1 using dsniff](https://reader035.fdocuments.net/reader035/viewer/2022072014/56812e45550346895d93d5bb/html5/thumbnails/5.jpg)
DNS is Spoofed
![Page 6: Attack on SSHv1 using dsniff](https://reader035.fdocuments.net/reader035/viewer/2022072014/56812e45550346895d93d5bb/html5/thumbnails/6.jpg)
User is presented with a forged public key
![Page 7: Attack on SSHv1 using dsniff](https://reader035.fdocuments.net/reader035/viewer/2022072014/56812e45550346895d93d5bb/html5/thumbnails/7.jpg)
User Enters Password
![Page 8: Attack on SSHv1 using dsniff](https://reader035.fdocuments.net/reader035/viewer/2022072014/56812e45550346895d93d5bb/html5/thumbnails/8.jpg)
Attacker gains Full Access to Data and Passwords
Decrypted Login / password
Attacker can type in commands and hijack connection
![Page 9: Attack on SSHv1 using dsniff](https://reader035.fdocuments.net/reader035/viewer/2022072014/56812e45550346895d93d5bb/html5/thumbnails/9.jpg)
User is not Aware of Attack