On-Path Attacks

Feb 23, 2025

On-Path Attack Overview

  • Definition: An on-path attack involves an attacker intercepting and potentially modifying traffic between two devices without the knowledge of the parties involved.
  • Other Names: Commonly known as a man-in-the-middle attack.
  • Characteristics:
    • The attacker transfers information between devices while having the ability to view or alter it.
    • Victims are unaware of the attack as it is invisible to them.

ARP Poisoning

  • What is ARP Poisoning?
    • A type of on-path attack occurring on a local IP subnet.
    • Relies on the lack of security in the Address Resolution Protocol (ARP).
  • How it Works:
    • The attacker must be on the same subnet as the victim devices.
    • The laptop (victim device) sends an ARP broadcast asking for the MAC address that corresponds to the router's IP address.
    • The router responds with its MAC address, which the laptop caches.
    • The attacker sends a fake ARP response claiming to be the router, updating the laptop's ARP cache with the attacker's MAC address.
    • Both the laptop and router communicate through the attacker, allowing interception and modification of traffic.
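
The cache overwrite described above leaves a visible trace on the subnet: an IP address that suddenly maps to a different MAC, and one MAC answering for several IPs. The following is an added example, not part of the original notes, that checks a list of observed ARP replies for both signs; the log format, addresses and function names are constructed for illustration, and the first MAC seen for an IP is assumed to be the legitimate one.

```python
from collections import defaultdict

# Constructed sample: ARP replies seen by a passive monitor on one subnet,
# one per line as "seconds sender_ip sender_mac". All addresses are made up.
SAMPLE_REPLIES = """\
0.0 192.168.1.1 aa:aa:aa:aa:aa:01
0.4 192.168.1.20 bb:bb:bb:bb:bb:20
5.1 192.168.1.1 cc:cc:cc:cc:cc:99
5.2 192.168.1.20 cc:cc:cc:cc:cc:99
7.0 192.168.1.1 cc:cc:cc:cc:cc:99
"""

def parse_replies(text):
    """Turn 'time ip mac' lines into (float, ip, lowercase mac) tuples."""
    replies = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:  # skip blank or malformed lines
            replies.append((float(parts[0]), parts[1], parts[2].lower()))
    return replies

def detect_arp_anomalies(replies):
    """Flag IP-to-MAC rebinding and a single MAC claiming several IPs."""
    baseline = {}                  # ip -> first MAC seen (assumed legitimate)
    ips_by_mac = defaultdict(set)  # mac -> IPs it has claimed so far
    reported = set()               # (ip, mac) pairs already alerted on
    alerts = []
    for ts, ip, mac in sorted(replies):
        known = baseline.setdefault(ip, mac)
        if mac != known and (ip, mac) not in reported:
            # The cache overwrite described above: same IP, different MAC.
            reported.add((ip, mac))
            alerts.append(("rebind", ts, ip, known, mac))
        if ip not in ips_by_mac[mac]:
            ips_by_mac[mac].add(ip)
            if len(ips_by_mac[mac]) > 1:
                # One MAC answering for both router and laptop addresses.
                alerts.append(("multi-ip", ts, mac, tuple(sorted(ips_by_mac[mac]))))
    return alerts

if __name__ == "__main__":
    for alert in detect_arp_anomalies(parse_replies(SAMPLE_REPLIES)):
        print(alert)
```

Legitimate events such as a replaced network card or an address moving to another device also produce a rebind alert, so each alert is a lead to verify rather than proof of an attack.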

On-Path Browser Attack

  • Definition: Also known as a man-in-the-browser attack.
  • Mechanism:
    • Malware or a Trojan on the victim device acts as a proxy.
    • This lets the malware redirect traffic before and after it is sent to the network.
    • Because the malware runs on the device itself, where data exists before it is encrypted, even encrypted network traffic can be viewed in clear text.
  • Consequences:
    • Captures sensitive information like usernames, passwords, and other credentials.
    • Can initiate unauthorized sessions and transactions, e.g., transferring money, shopping online.
    • Victims remain unaware as the attack operates in the background.

Security Implications

  • Lack of ARP Security: ARP’s lack of inherent security features makes ARP poisoning relatively easy to implement.
  • Invisibility to Victims: Both ARP poisoning and on-path browser attacks are undetectable by the victim without specialized tools.

Conclusion

On-path attacks, whether via ARP poisoning or browser attacks, pose significant security threats. They exploit vulnerabilities in network protocols and local device security to gain unauthorized access to sensitive information, often without the victim's knowledge.