Attacks: Man in the Middle
This lesson explains the man in the middle attack vulnerability in Kerberos.
We'll cover the following...
A man-in-the-middle attack, also known as a hijack attack, is an attack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other. In the case of Kerberos, the attacker is placed between the KDC and the client and tries to spoof the client into thinking that they are the real KDC.
Mounting a man-in-the-middle attack when Kerberos protocol is in place is slightly complicated and was first reported by Dug Song. Note that Kerberos was designed with the ...