Difference between revisions of "Man-in-the-middle attack"

From OWASP
Jump to: navigation, search
m (Examples)
m (Examples)
Line 5: Line 5:
  
 
==Examples ==
 
==Examples ==
<img src='http://www.arcot.com/mitm/images/mitm_diagram_lg.gif'>
+
[[Image:test]]
 
Image courtesy of www.arcot.com [http://www.arcot.com/mitm/images/mitm_diagram_lg.gif]
 
Image courtesy of www.arcot.com [http://www.arcot.com/mitm/images/mitm_diagram_lg.gif]
 
<br>
 
<br>

Revision as of 16:35, 29 April 2007

This is an Attack. To view all attacks, please see the Attack Category page.


Description

A Man In The Middle (MITM) attack is a form of attack in which an evil hacker can trick end users in to thinking he is a bank or other such service in order to 'sniff' or steal the users login credentials.

Examples

File:Test Image courtesy of www.arcot.com [1]
In this example you see the attacker intercepting, logging and stealing any information passed to the server.

Related Threats

Related Attacks

SSL man-in-the-middle attack

Related Vulnerabilities

Related Countermeasures

Categories

This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.