nerdexam
EC-Council

312-50V11 · Question #648

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively inte

The correct answer is B. Man-in-the-middle. Dsniff enables man-in-the-middle attacks by letting an attacker intercept and relay traffic between two parties, with neither side detecting the intrusion.

Sniffing

Question

Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?

Options

  • AInterceptor
  • BMan-in-the-middle
  • CARP Proxy
  • DPoisoning Attack

How the community answered

(59 responses)
  • A
    2% (1)
  • B
    86% (51)
  • C
    8% (5)
  • D
    3% (2)

Why each option

Dsniff enables man-in-the-middle attacks by letting an attacker intercept and relay traffic between two parties, with neither side detecting the intrusion.

AInterceptor

'Interceptor' is not a recognized standard attack classification in security frameworks; the scenario described matches the formal definition of a man-in-the-middle attack.

BMan-in-the-middleCorrect

A man-in-the-middle attack involves an attacker secretly inserting themselves into a communication stream, establishing independent connections with both endpoints and relaying messages between them. Dsniff is a well-known suite that facilitates MITM attacks via ARP poisoning and session hijacking, allowing Eric to intercept credentials and relay data from both sides without either party being aware.

CARP Proxy

ARP Proxy is a network technique where a device responds to ARP requests on behalf of another host; it is a mechanism sometimes used within a MITM attack but is not the name for the overall attack pattern.

DPoisoning Attack

'Poisoning Attack' refers specifically to a sub-technique such as ARP or DNS poisoning used to redirect traffic, not to the broader attack pattern of intercepting and relaying a full communication session between two parties.

Concept tested: Man-in-the-middle attack using Dsniff toolkit

Source: https://owasp.org/www-community/attacks/Manipulator-in-the-middle_attack

Topics

#man-in-the-middle#Dsniff#credential interception#network sniffing

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice