nerdexam
EC-Council

312-50V10 · Question #648

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively inte

The correct answer is B. Man-in-the-middle. The Dsniff toolkit enables man-in-the-middle attacks by transparently intercepting traffic and relaying it between two parties, with neither endpoint detecting the intrusion.

Sniffing

Question

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?

Options

  • AInterceptor
  • BMan-in-the-middle
  • CARP Proxy
  • DPoisoning Attack

How the community answered

(54 responses)
  • A
    6% (3)
  • B
    89% (48)
  • C
    4% (2)
  • D
    2% (1)

Why each option

The Dsniff toolkit enables man-in-the-middle attacks by transparently intercepting traffic and relaying it between two parties, with neither endpoint detecting the intrusion.

AInterceptor

'Interceptor' is not a recognized standard attack classification; the complete described behavior - interception, credential establishment with both sides, and transparent relay - maps precisely to the man-in-the-middle category.

BMan-in-the-middleCorrect

A man-in-the-middle attack involves an attacker establishing independent connections with each communicating party and relaying traffic between them so neither detects the intrusion. Dsniff tools such as sshmitm and webmitm achieve exactly this by intercepting credentials and session data while maintaining transparent communication with both endpoints.

CARP Proxy

ARP Proxy is a legitimate network technique where a router answers ARP requests on behalf of another host to enable routing, and is not itself an attack classification for this scenario.

DPoisoning Attack

A poisoning attack such as ARP or DNS poisoning describes only the technique used to redirect traffic toward the attacker, not the overall attack being conducted once that position is established.

Concept tested: Man-in-the-middle attack using Dsniff toolkit

Source: https://csrc.nist.gov/glossary/term/man_in_the_middle_attack

Topics

#man-in-the-middle#Dsniff#credential interception#traffic relay

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice