312-50V11 · Question #648
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively inte
The correct answer is B. Man-in-the-middle. Dsniff enables man-in-the-middle attacks by letting an attacker intercept and relay traffic between two parties, with neither side detecting the intrusion.
Question
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?
Options
- AInterceptor
- BMan-in-the-middle
- CARP Proxy
- DPoisoning Attack
How the community answered
(59 responses)- A2% (1)
- B86% (51)
- C8% (5)
- D3% (2)
Why each option
Dsniff enables man-in-the-middle attacks by letting an attacker intercept and relay traffic between two parties, with neither side detecting the intrusion.
'Interceptor' is not a recognized standard attack classification in security frameworks; the scenario described matches the formal definition of a man-in-the-middle attack.
A man-in-the-middle attack involves an attacker secretly inserting themselves into a communication stream, establishing independent connections with both endpoints and relaying messages between them. Dsniff is a well-known suite that facilitates MITM attacks via ARP poisoning and session hijacking, allowing Eric to intercept credentials and relay data from both sides without either party being aware.
ARP Proxy is a network technique where a device responds to ARP requests on behalf of another host; it is a mechanism sometimes used within a MITM attack but is not the name for the overall attack pattern.
'Poisoning Attack' refers specifically to a sub-technique such as ARP or DNS poisoning used to redirect traffic, not to the broader attack pattern of intercepting and relaying a full communication session between two parties.
Concept tested: Man-in-the-middle attack using Dsniff toolkit
Source: https://owasp.org/www-community/attacks/Manipulator-in-the-middle_attack
Topics
Community Discussion
No community discussion yet for this question.