Performing FilePwn Using the Man-In-The-Middle Framework (MITMf)

Developed with
QA

Lab Steps

lock
Starting the Cyber Network Security Lab Exercise

Ready for the real environment experience?

DifficultyIntermediate
Time Limit2h
Students21

Description

The MITMf is a collection of tools, written into an easy to use framework by byt3bl33d3r, which an attacker can use to simplify the construction and execution of Man-In-The-Middle (MITM) attacks. It provides the user with a modular and extensible framework which they can adapt to suit their own needs and carry out a variety of MITM attacks with ease. It includes its own DNS, HTTP and SMB servers to carry out attack features.

The MITM attack you will be carrying out will be utilising a feature called "FilePwn", where the attacker can inject a malicious payload into or fully replace a file that the victim is downloading from an HTTP website.

This lab is part of a series on cyber network security.

Learning Objectives

Upon completion of this lab you will be able to:

  • Demonstrate how an attacker could use the MITMf FilePwn tool to replace a file a user downloads in order to achieve a reverse shell exploitation foothold for the network

Intended Audience

This lab is intended for:

  • Cyber and network security specialists

Prerequisites

You should possess:

  • A basic understanding of Windows operating system environments
About the Author
Students2645
Labs19
Courses20
Learning paths22

QA is the UK's biggest training provider of virtual and online classes in technology, project management and leadership.