312-50V13 · Question #13
An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections. When users accessed any page, the applet ran and exploit
The correct answer is B. Ettercap. Ettercap is a network sniffing and MITM attack tool capable of injecting arbitrary content, such as HTML code, into unencrypted network traffic.
Question
Options
- AWireshark
- BEttercap
- CAircrack-ng
- DTcpdump
How the community answered
(51 responses)- A6% (3)
- B90% (46)
- C2% (1)
- D2% (1)
Why each option
Ettercap is a network sniffing and MITM attack tool capable of injecting arbitrary content, such as HTML code, into unencrypted network traffic.
Wireshark is a passive network protocol analyzer used for sniffing and inspecting network traffic, but it cannot actively inject code or perform MITM attacks for content modification.
Ettercap is a versatile tool primarily used for Man-in-the-Middle (MITM) attacks, ARP spoofing, and content injection into unencrypted connections. It can actively intercept and modify live traffic, making it suitable for injecting HTML code into HTTP connections as described.
Aircrack-ng is a suite of tools primarily used for auditing wireless network security, focusing on cracking WEP/WPA-PSK keys and analyzing wireless traffic, not for injecting HTML into HTTP connections.
Tcpdump is a command-line packet analyzer used for capturing and displaying TCP/IP and other network packets; it is a passive tool and cannot inject content into traffic.
Concept tested: Man-in-the-Middle (MITM) attack tools
Topics
Community Discussion
No community discussion yet for this question.