Install Subterfuge, review its capabilities, and use it to intercept and extract cookies.
- [Teacher] Subterfuge is a testing tool…which provides a number of capabilities,…including denial of service,…Man in the Middle, and session hijacking,…and is designed to be very easy to use.…The tool is available from GitHub as shown,…and can be loaded into Kali through cloning.…Subterfuge runs an ARP poisoning attack on the local network…to enable Man in the Middle and session hijacking.…The latest release of Subterfuge…requires that MITM proxy also be installed.…It's installed on Kali,…but if you're using another Linux distribution,…then the instructions for installing this…are in the preconfiguration file…associated with this course.…
Subterfuge was hugely popular when it first came out…due to its ability to do SSL stripping…and intercept user accounts and passwords easily.…While many sites now use more sophisticated security,…and no longer fall prey to this attack,…there are still a significant number that remain vulnerable.…Before we demonstrate the Subterfuge tool,…let's look at how ARP poisoning works.…
This course teaches you what session hijacking is, and how black-hat hackers use it to attack an organization. Learn how TCP, web, and wireless protocols work and how hackers exploit them. Find out how to use built-in Windows and Linux tools, as well as specialized third-party solutions such as Zed Attack Proxy (ZAP) and Cain, to detect and shore up vulnerabilities. Author and cybersecurity expert Malcolm Shore also discusses remote hijacking, which allows hackers to take control of drones or even vehicles.
Note: This course maps to the Session Hijacking domain of the Certified Ethical Hacking exam. Review the exam objectives at the EC-Council's website.
- Hijacking a network session, such as a Telnet session
- Understand web sessions
- Intercepting sessions via man-in-the-middle or man-in-the-browser attacks
- Downgrading a session by stripping SSL
- Using ARP poisoning through Subterfuge
- Hijacking an HTTP session through cookies
- Using hijacking defense tools: Zed Attack Proxy and Cain
- Service hijacking (DNS and SSH)
- Hijacking in the physical world: cars and drones