What's MIMT Methodology?

Man in the middle attacks are a group of attacks based in the bridge system. The attacker uses differents methods to became involved into the communication of subjects without their consent. It will be easy to explain with an example:

1. Oriol sends a message to Carles, which is intercepted by Mariano:

                 Oriol "Hi Carles, it's Oriol. Give me your key." →     Mariano     Carles

2. Mariano relays this message to Carles; Carles cannot tell it is not really from Alice:

                 Oriol     Mariano "Hi Carles, it's Oriol. Give me your key." →     Carles

3. Carles responds with his encryption key:

                 Oriol     Mariano     ← [Carles's key] Carles

4. Mariano replaces Carles's key with her own, and relays this to Oriol, claiming that it is Carles's key:

                 Oriol   ← [Carles's key] Mariano     Carles

5. Oriol encrypts a message with what she believes to be Carles's key, thinking that only Carles can read it:

                 Oriol "Meet me at the bus stop!" [encrypted with Mariano's key] →     Mariano     Carles

6. However, because it was actually encrypted with Mariano's key, Mariano can decrypt it, read it, modify it (if desired), re-encrypt with Carles's key, and forward it to Bob:

                 Oriol     Mariano "Meet me at the van down by the river!" [encrypted with Carles's key] →     Carles

MITM scheme based in the example

There are too differents types of attacks but mainly we will focus in four.

ARP Spoofing , DNS spoofing, Port Stealing and DHCP Spoofing.

*Spoofing

A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data, thereby gaining an illegitimate advantage.