Jasey DePriest (she / her) :donor: · @jrdepriest
60 followers · 475 posts · Server infosec.exchange@reswob
I'm going to summarize.
This really good write up on how to use simple, readily available tools to perform good security research. And it is written in such a way that even a beginner could follow it.
They used #kalilinux, specifically #wireshark, #scapy, and an arpspoof #python script (there are tools in Kali that can do this for you like #dsniff or #ettercap, but they probably did not need something that full featured).
They debugged the protocol to figure out where the PSI values were stored and then built a MiTM script, also in python, that could manipulate embedded data in either direction or both directions.
Simplest fix is "encrypt your protocol".
#kalilinux #wireshark #scapy #python #dsniff #ettercap
(RTP):tor:Privacy & Tech Tips · @RTP
2619 followers · 3880 posts · Server fosstodon.orgPassword-Less SSH & Verify SSH Fingerprints to avoid MITM Attacks. (SSH Config: Part II)
#SSH #Linux #Security #Infosec #Cybersecurity #MITM #ettercap #Arp #password #Key #Encryption #Tutorial #Video #Pinephone
https://odysee.com/@RTP:9/protecting-ssh-from-mitm-and-no-password:b
#ssh #linux #security #infosec #cybersecurity #mitm #ettercap #arp #password #key #encryption #tutorial #video #pinephone