work and IT @ 08 Oct 2008 06:50 pm by ayoi
Yup, not only everyone can fly with AirAsia but now everyone can perform Monkey in The Middle attacks. I just read an article at one of my favourite sites, darkreading.com that basically about a tool called Middler which automatically generates MiTM attacks on any sites that not fully ensure that the communication channel will be done on SSL besides during the login or authentication process. In the article it does mention some of this sites like Linkedln where for the login process, it will be done on SSL but after the authentication process, the communication will be done on plain HTTP channel. And yes, even our own gmail practice the same method.
The scary part is:
“Middler is also designed for use by an attacker with no Web-hacking skills or experience. “The Middler allows an attacker with no Web application-hacking experience to launch attacks that previously required substantial time and skill,” according to Beale.
Dang.. Oh yeah, Mr Beale is co founder of Inguardian (formerly known as Intelguardian).
Btw this tool also can launch CSRF attacks on top of injecting JavaScript into your browser sessions plus it also can detect vulnerabilities that may exist in your browser and launch Metasploit to do the rest. Kewl eh?
I believe we can see new variant of bots that will have this capability soon.
So ladies and gentleman, the trend now is client side attacks and please monitor your user segment as well eh.. Extrusion Detection might be a good idea.
