Executing man-in-the-middle attacks
One of the most important concepts in both the reconnaissance/weaponization and intrude/exploit phases is acting as the MITM. We touched upon this in the previous chapter a little, where we used tools such as ARPspoof and Ettercap to position ourselves inline between hosts using software, or physically placing ourselves inline using multiple network interfaces. The goal in the previous chapter was to gain some sort of intelligence about what is going on between hosts so that we could glean important information that we could later use for intruding and exploitation. Now that we are further along in our penetration test, we will take advantage of this prime location to use some great tools that go beyond just snooping. This is a very important concept when it comes to penetration testing, because many of the attacks we are trying to help expose and harden our customers' networks against use these techniques. If we cannot successfully gain MITM status where...