+ 1

Interception Between Sockets

If I have a client-server program that runs over python sockets for example, I know that someone can intercept the packets (man in the middle attack). Can the same man modify the data sent over the sockets ? (I know he can read, if it's not encrypted...)

python python3 sockets packets man-in-the-middle

26th Aug 2021, 10:29 AM

Yahel

8 Answers

+ 1

If he can read so he violates the confidentiality of the victims's connections but he has to know the target's ip and or Mac address and user credentials for login or access the user privileges then he can modify or violates the integrity of server or client machines.When he get the victims's ip he can acting as the trusted user and send requests or replays to the target.

26th Aug 2021, 11:03 AM

HBhZ_C

+ 1

HBhZ_C, the hacker basically has the packet and he can just keep the ip address as it is and just change the other data... right?

26th Aug 2021, 11:09 AM

Yahel

+ 1

No Yahel I means an attacker has to act as the victim so he has to spoof his ip to send a spoofed message to other parties as the trusted user(the victim).An ip is unique for each connected devices.It is your address in the internet world.If the server don't check who really sends request it will be easy to hack anyone in the net.If you receive an email from a friend who leaves in Japan,how can you believe that this email is from your trusted friend?

26th Aug 2021, 12:12 PM

HBhZ_C

+ 1

So how can the attacker intercept any data coming from his victim without knowing its logical address?Shall he acting or listening to wan or lan network Mr ✩✮★✮✩ ?He has to use victims's address in arpspoofing or whatever tools he uses for interception.

26th Aug 2021, 4:42 PM

HBhZ_C

+ 1

Or just a network card that can change to monitor mode. Also look through the aircrack-ng suite for tools.

26th Aug 2021, 6:40 PM

Slick