|
|
Automation of MitM Attack on WiFi Networks
Vondráček, Martin ; Lichtner, Ondrej (referee) ; Pluskal, Jan (advisor)
Tato bakalářská práce se zaměřuje na výzkum v oblasti bezpečnosti bezdrátových sítí. Práce přináší studii široce využívaných síťových technologií a principů zajištění bezpečnosti bezdrátových sítí. Analyzované technologie a způsoby zabezpečení trpí slabinami, které mohou být zneužity k provedení útoku MitM . Práce zahrnuje přehled dostupných nástrojů zaměřených na využití jednotlivých slabin. Výsledkem této práce je balíček wifimitm a CLI nástroj, oba implementované v jazyce Python. Balíček poskytuje funkcionalitu pro automatizovaný útok MitM a může být použit jako součást dalšího software. Nástroj wifimitmcli je schopen úspěšného provedení plně automatizovaného útoku bez jakéhokoli zásahu útočící osoby. Tento výzkum nachází využití v oblasti automatizovaných penetračních testů a forenzního vyšetřování.
|
|
|
Analysis of possible threats in old OS Linux version
Chovancová, Emília ; Dejdar, Petr (referee) ; Tomašov, Adrián (advisor)
The bachelor thesis is focused on the security aspect of an older version of a Linux based machine. The document is split into a theoretical part which contains a description of what operating system, kernel, UNIX, GNU/LINUX and Linux OS are in general. Then the description proceeds to explanation of active and passive attacks such as replay, masquarade, denial of service, man in the middle or listening and analysing the network. Afterwards it continues with description of potentially vulnerable spots that are common on operating systems. With the help provided from scanning software, especially Nmap and Lynis, the document proceeds to the practical part which contains various types of successful and unsuccesfful attacks such as password recovery, denial of service, spectre, brute force of a password and cross-site scripting. The last part covers the protection against succesfull attacks and adds a little bit more of additional protection in general in a form of an ansible script.
|
|
|
Automatization of MitM Attack for SSL/TLS Decryption
Marušic, Marek ; Lichtner, Ondrej (referee) ; Pluskal, Jan (advisor)
SSL/TLS are protocols used to encrypt network traffic. They provide secure communication between clients and servers. The communication can be intercepted with MitM attack. This paper is aimed to describe the automatization of MitM attack and demonstrate its results. The automatization is done by MitM probe and a python script, which configures the probe and starts the attack. The script is easy to use, without great effort. It takes care of configuration of the probe, then it starts the tools used for network traffic capture and at last it starts MitM tools to perform the attack. During the MitM attack, users are warned by client applications about insecure connection. The client applications either provide an option to establish a connection anyway or it forbids clients to establish the connection with insecure parameters. In this paper, the users can learn what are SSL/TLS protocols and about a possibility how to intercept the network traffic encrypted by these protocols.
|
|
|
SIP security
Tůma, Petr ; Šilhavý, Pavel (referee) ; Ježek, Jiří (advisor)
This bachelor thesis focuses on security issues of the SIP signalling protocol. The goal was to carry out three attacks and design defences against them. The chosen attacks were a flood attack, a modified message attack and a man-in-the-middle attack. The attacks were conducted against the Asterisk PBX and the results show that some attacks were able to prevent communication between the PBX and clients. Defensive measures are described for each attack in the mitigation subchapter.
|
|
|
MITM Attack Automation Using Single-Board Solution
Podlesný, Šimon ; Letavay, Viliam (referee) ; Pluskal, Jan (advisor)
Thesis is focused on design of MiTM attack with use of modern approaches in IT infrastructure. Especially it's focused on how to simplify configuration of single-board computer for penetration testing purposes by creating scalable infrastructure for device configuration and control. Proposed solution allows the usage of complicated attacks by trained staff while not limiting users with experience in network security. While today, applications capable of MiTM attacks are monolithic and device-centric, proposed solution considers the device providing MiTM just as one part of the solution and also focuses on other problems like data exfiltration or hash cracking.
|
|
|
Detection of local area network topology
Šípek, Martin ; Gerlich, Tomáš (referee) ; Martinásek, Zdeněk (advisor)
The bachelor thesis focuses on the detection and mitigation of Man-in-the-Middle attacks in the local network using its own implementation in the Python programming language. One of the most common Man-in-the-Middle attacks is ARP spoofing, which should be identified by the detection system and then mitigate it. The theoretical part of the thesis analyzes the current state of the issue, including a detailed description of the network analysis and tools which are used in this analysis. Cyber attacks are also described, namely Man-in-the-Middle and Denial-of-Service attacks. The practical part describes the realization of the experimental workplace and its detailed components and the installation and configuration of MySQL and Elasticsearch databases. It also focuses on the Suricata program, designed to analyze network traffic, on the actual implementation of Man-in-the-Middle attack detection and on the achieved results of testing of the implemented detection system.
|
|
|
Communication model using Data distribution service and communication security assessment
Frollo, Martin ; Fujdiak, Radek (referee) ; Pokorný, Jiří (advisor)
The diploma thesis is focusing on middleware layer in distributed systems. It introduces typically used communication protocols and standards operating on this layer. In theoretical part it brings closer look at OMG DDS specification. This part contains fundamental functionalities of this specification along with its architecture blocks. Thesis also describes the RTPS protocol functionality. Existing implementations of OMG DDS standard are described at the end of theoretical part. OpenDDS 3.13 implementation is used in practical part of thesis. It is deployed and tested on various platforms. Next part verifies option of securing RTPS data stream using beta version of OMG DDS Security, which OpenDDS 3.13 implementation contains. Secured and unsecured data flows are being compared. Latency of data stream is also important, especially in distributed systems. DDS system, which measures latency of RTPS stream is created in practical part. Latency of this DDS system can be measured in various configurations. Difference of devices’ performance used in measurements can be clearly seen in latency results where the size of data samples is increasing. Differences of measured latency are also recognizable between reliable and unreliable and secure and unsecure RTPS stream. Part of measurements is made between 2 physical devices with and without an attacker. Type of attack is MITM and it captures RTPS flow, which does not belong to attacking machine.
|
|
|
Interception of Modern Encrypted Protocols
Marček, Ján ; Korček, Pavol (referee) ; Kajan, Michal (advisor)
This thesis deals with the introduction to the security mechanism.The procedure explains the basic concepts, principles of cryptography and security of modern protocols and basic principles that are used for information transmission network. The work also describes the most common types of attacks targeting the eavesdropping of communication. The result is a design of the eavesdropping and the implementation of an attack on the secure communication of the SSL protocol..The attacker uses a false certificate and attacks based on poisoning the ARP and DNS tables for this purpose. The thesis discusses the principles of the SSL protocol and methodology of attacks on the ARP and DNS tables.
|
|
|
Simulated Fault-Injection in Network Communication
Rozsíval, Michal ; Rogalewicz, Adam (referee) ; Smrčka, Aleš (advisor)
The development of network applications takes place under ideal conditions, as opposed to deploying them in a real-world environment that contains vulnerabilities such as loss, latency, or cyber-attacks. Ensuring resilience against these vulnerabilities is thus crucial. This thesis introduces the NetLoiter, which aims to enable the simulation of the required vulnerabilities and thus allow developers to treat them correctly. The NetLoiter can be used in transparent (proxy server), hidden (captures communication directly from the system kernel), or hardware versions suitable for testing embedded systems. NetLoiter supports dynamic reconfiguration using a public interface that can be used to automate the testing process. NetLoiter has been successfully integrated and used in real projects.
|
|
|
Trusted proxy in SSL/TLS connection
Smolík, Jiří ; Forst, Libor (advisor) ; Lukeš, Dan (referee)
The problem of SSL/TLS interception ("trusted proxy in SSL/TLS connection") has been known for years and many implementations exist. However, all of them share a single technical solution which is based solely on the PKI authentication mechanism and suffers from multiple serious disadvantages. Most importantly, it is not compatible with several aspects or future trends of SSL/TLS and PKI, there's almost no space for improvement and its real use may spawn legal issues. After we analyze technical background and the current solution, we will propose another one, based not only on PKI but SSL/TLS too. Both solutions will be compared and general superiority of the new one will be shown. Basic implementation and analysis will follow, along with deployment requirements and ideas for future development. Powered by TCPDF (www.tcpdf.org)
|
guest ::
