stealing credentials with easy-creds v3.7.3 fake AP method



wewe73
12-14-2012, 05:00 AM
The title says it all, no need to explain too much. easy-creds is an automated script for MITM attacks; it can be used by newbies or experts who want to save lots of time instead of setting up a fake AP manually.

What you need? All in BackTrack 5 R3 except dhcp3-server.

Commands used? All in the video.

http://vimeo.com/55579219

securitymangk
12-14-2012, 09:07 AM
Will this also work with HTTPS sites? The sites that were loaded were only HTTP.

wewe73
12-14-2012, 03:37 PM
All websites used in the video use HTTPS; however, during the attack the client will be provided with HTTP instead of HTTPS.

OK, let me explain the Man-In-The-Middle attack in a very simple way. Imagine two people are talking to each other, and before they start talking to each other, they do a handshake; that is the connection between the client and the attacker. Imagine Yahoo or Google or PayPal is the service provider (the service provider is the web server) and the attacker is a fake service provider, so the attacker will provide the client with a fake service (web server); that service is HTTP instead of HTTPS, and the client thinks he/she is having HTTPS service. Now here the attacker will be in the middle of the client and the web server: he will collect all info data from the client and send it to the real web server, and get info data from the web server and send it back to the client. During this the attacker will be able to see all traffic and steal all credentials from the client.

Hope I explained it; I did not want to go into details as it will take so long.

securitymangk
12-17-2012, 11:36 AM
All websites used in the video use HTTPS; however, during the attack the client will be provided with HTTP instead of HTTPS.

OK, let me explain the Man-In-The-Middle attack in a very simple way...

I know ;)

What I'm saying is, will the end user be gullible and not tell that it's not an HTTPS site anymore? Meaning, is there a way to still display it as HTTPS even though you're providing the site through a proxy?

wewe73
12-17-2012, 06:08 PM
cheeky smile :cool:

To be very honest, I'm not sure if there is a way to do what you're asking; it would be very cool though. However, mind you, 99.9 of people out there don't have a clue about what HTTPS and HTTP are, and they don't know what the difference is, and they don't even look at the search bar to see what is going on [I'm not encouraging you to do that to people, obviously], but lots of people are unaware of this, unless someone knows about it like yourself or other people who are involved with internet and wireless security, and if you try to hack one of the experienced ones, then you will land on the wrong tree, mate :-)

It will be very interesting if you can do that; please share your knowledge if you ever come across something like what you're thinking.
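
Added example, not part of the original thread or of easy-creds: the HTTPS-to-HTTP downgrade discussed above only works when the browser is still willing to speak plain HTTP to the site, which a site operator can forbid with the Strict-Transport-Security (HSTS) header and Secure cookies. This Python check audits a response head for those protections; the function name `audit_response` and both sample responses are constructed for illustration.

```python
# Added example (not from the thread): check an HTTPS response head for the
# headers that stop a browser from accepting an HTTP downgrade of this site.
import re

def audit_response(raw: str) -> list:
    """Return a list of downgrade-exposure findings for one response head."""
    headers = []
    for line in raw.strip().splitlines()[1:]:      # skip the status line
        if not line.strip():
            break                                   # blank line ends the head
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))

    findings = []
    hsts = [v for n, v in headers if n == "strict-transport-security"]
    if not hsts:
        findings.append("no HSTS header: browser will accept plain HTTP for this host")
    else:
        m = re.search(r"max-age\s*=\s*\"?(\d+)", hsts[0], re.I)
        if not m or int(m.group(1)) == 0:
            findings.append("HSTS max-age missing or 0: policy is not retained")
        if "includesubdomains" not in hsts[0].lower():
            findings.append("HSTS lacks includeSubDomains: subdomains stay exposed")

    for n, v in headers:
        if n != "set-cookie":
            continue
        attrs = [a.strip().lower() for a in v.split(";")[1:]]
        if "secure" not in attrs:
            cookie_name = v.split("=", 1)[0].strip()
            findings.append(f"cookie '{cookie_name}' lacks Secure: sent over HTTP too")
    return findings

# Constructed sample responses (not captured from any real site).
WEAK = ("HTTP/1.1 200 OK\r\n"
        "Content-Type: text/html\r\n"
        "Set-Cookie: session=abc123; Path=/; HttpOnly\r\n\r\n")
HARDENED = ("HTTP/1.1 200 OK\r\n"
            "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
            "Set-Cookie: session=abc123; Path=/; HttpOnly; Secure\r\n\r\n")

if __name__ == "__main__":
    for label, raw in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_response(raw) or "no findings")
```

HSTS only takes effect after the browser has received the header once over a valid HTTPS connection, so a first visit made through a hostile access point is not covered unless the domain is on the browser's preload list.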