Ethical Hacking at MPICT PowerPoint PPT Presentation

Title: Ethical Hacking at MPICT


1
Ethical Hacking at MPICT
2
Two Attacks
  • Cross-Site Request Forgery
    • Almost every Web site with a login is vulnerable
  • sslstrip
    • HTTP sites with HTTPS buttons like Facebook are vulnerable

3
Cross-Site Request Forgery (XSRF)
4
Web-based Email
To Internet
Router
Attacker Sniffing Traffic
Target Using Email
5
Cross-Site Request Forgery (XSRF)
  • Gmail sends the password through a secure HTTPS
    connection
  • That cannot be captured by the attacker
  • But the cookie identifying the user is sent in
    the clear with HTTP
  • That can easily be captured by the attacker
  • The attacker gets into your account without
    learning your password

6
Demonstration
7
sslstrip
8
The Problem
  • HTTP Page with an HTTPS Logon Button

9
Proxy Changes HTTPS to HTTP
To Internet
HTTPS
Attacker Evil Proxy in the Middle
HTTP
Target Using Facebook
10
Demonstration
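
Added example (not part of the original slides): a Python check for the weaknesses described on slides 5, 8 and 9, namely a session cookie without the Secure attribute, an HTTPS logon form served from an HTTP page, and an HTTPS response without HSTS. The header blocks, the cookie name SID and the host example.test are constructed for illustration.

```python
import re

def parse_headers(raw):
    """Return (lowercased name, value) pairs from a raw HTTP header block."""
    pairs = []
    for line in raw.strip().splitlines():
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def audit(scheme, raw_headers, body=""):
    """Return findings for one response fetched over scheme 'http' or 'https'."""
    findings = []
    headers = parse_headers(raw_headers)
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cookie = parts[0].split("=", 1)[0]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        if "secure" not in attrs:
            # Without Secure the browser also sends this cookie over HTTP,
            # where anyone sniffing the network can read it (slide 5).
            findings.append(f"cookie {cookie}: no Secure attribute")
    if scheme == "https" and not any(n == "strict-transport-security" for n, _ in headers):
        # Without HSTS the browser will still talk plain HTTP to this host,
        # which is what an HTTPS-to-HTTP proxy depends on (slide 9).
        findings.append("no Strict-Transport-Security header")
    if scheme == "http" and re.search(r"<form[^>]*action=[\"']https://", body, re.I):
        # The HTTPS target arrives over HTTP and can be rewritten in transit (slide 8).
        findings.append("HTTPS logon form delivered over HTTP")
    return findings

# Constructed sample responses; SID and example.test are illustrative only.
WEAK = "Set-Cookie: SID=abc123; Path=/; HttpOnly\nContent-Type: text/html"
HARDENED = ("Set-Cookie: SID=abc123; Path=/; HttpOnly; Secure\n"
            "Strict-Transport-Security: max-age=31536000; includeSubDomains\n"
            "Content-Type: text/html")
HTTP_BODY = '<form method="post" action="https://example.test/login"></form>'

if __name__ == "__main__":
    print("weak https:", audit("https", WEAK))
    print("hardened https:", audit("https", HARDENED))
    print("http logon page:", audit("http", "Content-Type: text/html", HTTP_BODY))
```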