.c om cu u du o ng th an co ng Capturing Traffic CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Contents ng  Networking for Capturing traffic co  ARP Cache Poisoning cu u du o ng th an  SSL Man-in-the-Middle Attacks CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Networking for Capturing traffic co  Layer one device of the OSI model ng  Hubs Device: an  Send frames out on all ports including the port in  Switches Device: cu u  MAC address table du o ng th which the frame was received on  Switches provide separate collision domains on each port CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Using Wireshark  Wireshark is a graphical network protocol analyzer that lets us take a deep co ng dive into the individual packets moving around the network th an  Wireshark can be used to capture Ethernet, wireless, Bluetooth, and many cu u du o ng other kinds of traffic CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om ARP Cache Poisoning  To capture traffic not intended for the Kali system, we need to find some co ng way to have the relevant data sent to our Kali system th an  Perform a man-in-the-middle attack: redirect and intercept traffic between cu u du o ng two systems CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om ng co an th ng du o u cu CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om ng co an th ng du o u cu CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om DNS Cache Poisoning  We can poison Domain Name Service (DNS) cache entries (mappings co ng from domain names to IP addresses) to route traffic intended for another th an website to one we control ng  We send a bunch of bogus DNS resolution replies pointing to the wrong IP cu u du o address for a domain name CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om ng co an th ng du o u cu CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om SSL Man-in-the-Middle Attacks  The goal of SSL is to provide reasonable assurance that any sensitive co ng information transmitted between a user’s browser and a server is secure - cu u du o ng th an unable to be read by a malicious entity along the way CuuDuongThanCong.com https://fb.com/tailieudientucntt cu u du o ng th an co ng c om How SSL work CuuDuongThanCong.com https://fb.com/tailieudientucntt cu u du o ng th an co ng c om How SSL work CuuDuongThanCong.com https://fb.com/tailieudientucntt cu u du o ng th an co ng c om SSL Man-in-the-Middle Attacks CuuDuongThanCong.com https://fb.com/tailieudientucntt ... Networking for Capturing traffic co  ARP Cache Poisoning cu u du o ng th an  SSL Man-in-the-Middle Attacks CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om Networking for Capturing traffic. .. Bluetooth, and many cu u du o ng other kinds of traffic CuuDuongThanCong.com https://fb.com/tailieudientucntt .c om ARP Cache Poisoning  To capture traffic not intended for the Kali system, we... data sent to our Kali system th an  Perform a man-in-the-middle attack: redirect and intercept traffic between cu u du o ng two systems CuuDuongThanCong.com https://fb.com/tailieudientucntt .c