zANTI, Dsploit, Csploit, Faceniff and many, many more similar hacking apps are using a specific kind of attack called MITM - the Man In The Middle attack. What exactly does this attack do and is there any way to protect yourself from it? Read on!
Man In The Middle aims to control a victim by becoming the "man in the middle". Let's make an example.
We got person A and person B. Let's name them Rami and Jovie. They're friends and just chatting through an unencrypted connection (http). Alice wants to hang out, says:
- Sup Jov, gimme your public key, I want to chat!
Rami is requesting a Public key (known as asymmetric cryptography - used to encrypt data and verify them as a digital signature)
Rami and Jovie don't know one thing. There's an evil person Miro intercepting everything they say.
What happens here is that the sent message goes first to Miro and then gets sent to Jovie. He doesn't spot anything, the message is the same, nothing's really suspicious at the moment.
Jovie responds:
- Yo Ramy, let's chat. Here's my key: materialFTW123
Miro now knows the Jovie's public key but instead of sending this key directly to Rami, he sends his own public key. Miro slightly edits the message:
- Yo Ramy, let's chat. Here's my key: motiondesignFTW123
Now they can encrypt the whole conversation with their private encrypt alghoritm. However, they don't know there's someone who's edited it so he can view and control the whole conversation between these two guys.
- [encrypted with Miro's key] Let's hang out, bring some booze lol
Miro then encrypts it to Jovie's original key (materialFTW123) so he doesn't spot a thing. Then he resends it to Jovie and the conversation goes on.
..
This way the attacker can take control over a conversation and not only he can intercept it but also change it. Boom, we have redirect, script injection, replace images and many more features.
