A Systematic Approach Towards Compromising Remote Site HTTPS Traffic Using Open Source Tools

Cyber Security has become inevitable if better strategies are not adopted to tackle cyber-attacks. Cracking and hacking attempts lifted to an unimaginable level of threat. Many vulnerabilities exist in the cyber world, which the attackers used to exploit. Majority of the attacks occur due to the vulnerabilities in Wi-Fi security mechanisms that are being exploited by attackers to penetrate remote networks using a dictionary attack. After getting access to the network, attackers can compromise the CIA trade of information security using MITM attack. In MITM attack, attackers exploit the communication channel by intercepting all the traffic between users and router. The data that is being transferred comprises of SSL and HTTP header and for protection, providing HTTPS suffix in URL. In this paper, we have discussed and demonstrated how an attacker could break Wi-Fi security mechanisms to penetrate the network using a dictionary attack, and then perform MITM attack based on ARP poisoning and SSL striping to compromise HTTPS traffic in the Kali Linux Environment. This paper attempts to implement this systematic attack to help security analysts to understand the behavior of the attacker and develop new strategies to mitigate this type of structured attacks.