Credit Card and Website Password Theft (MITM)

Hey, it's me, Arshad Aman, back again. I had brought Back the Man In The Middle Post. I will not take care of the Google.

Note:- This is only for Educational Purpose. I am not Responsible Whatever you do. Black Hat hacking and cracking and Black Hat SEO are illegal, You may be jailed for doing this

How Your Credit Card Can Be Hacked?

What is MAN IN THE MIDDLE ATTACK (MITM)?

ANS:- AS THE NAME TELL US IS THAT MAN IN THE MIDDLE THAT MEANS A MAN WHO IS IN THE MIDDLE. HERE This NOT MEANS MEDIATOR IT MEANS A HACKER WHO IS IN THE MIDDLE OF YOU AND YOUR SERVER AND TRYING TO HACK OR SPOOF YOU IDENTITY, PASSWORD, CREDIT CARD NUMBERS, ETC. He CAN CAPTURE ALL INFORMATION WHICH IS IN BETWEEN SERVER AND YOU.
HOW HACKER DO THAT ATTACK?

ANS:-THERE ARE VARIOUS APPLICATION AVAILABLE on INTERNET WHICH helps THEN TO DO THAT. 

LET US UNDERSTAND HOW IT WORKS:-IN INTERNET EVERY DATA AND INSTRUCTION TRANSMIT THROUGH A PROTOCOL KNOWN AS TRANSMISSION CONTROL PROTOCOL (TCP). The TCP ALLOWS THE DATA TO TRANSMIT THROUGH.TCP NOT ACTUALLY TRANSMIT THE DATA BUT IT TRANSMIT PACKETS WHICH IS THE SMALLER UNIT OF DATA AND ON REACHING THERE DESTINATION They AGAIN COMBINE TO FORM THE ORIGINAL DATA. WHICH MAY BE ANYTHING LIKE IMAGE FILE, AUDIO FILE, VIDEO FILE, TEXT FILE, ETC. 



TO KNOW MORE ABOUT PROTOCOLS CLICK HERE:-NETWORKING BASICS



So, HACKER USE SOME APPLICATION TO CAPTURE PACKETS AND IN THAT PACKETS THERE IS ALL YOUR INFORMATION.



SOME APPS:-

Wireshark(Windows AND LINUX)
ZENTI(FOR ANDROID)
AND OTHER SPOOFING APPS ARE ALSO AVAILABLE IN MARKET. THE BEST IS Wireshark AND I PERSONALLY USE IT.
 HOW TO PREVENT IT?
ANS:-THE BEST WAY USE ENCRYPTION SUCH THAT IF THE HACKER SPOOF THE DATA THEN HE WILL NEVER UNDERSTAND IT.

THE BEST IS ENCRYPTION IS PGP ENCRYPTION. I will RECOMMEND EVERYONE TO USE IT.



THE ANOTHER WAY IS TO USE STEGANOGRAPHY WHICH IS A METHOD OF HIDING A USEFUL DATA INSIDE AN UNUSEFUL DATA. BUT IT IS NOT MUCH SECURE AND HACKER CAN SEE IT BY DIFFERENT METHODS. BUT YOU CAN TRICK THE M.WE WILL DISCUSS THIS LATTER.



THIS IS ALL FOR POINT TO POINT CONNECTION BUT IF YOU ARE CONNECTING TO A SERVER THEN YOU CAN'T use THE METHOD THEN WHAT? Don't WORRY ABOUT IT I WILL TELL YOU WHAT TO DO.

IF YOU DON'T KNOW ABOUT POINT TO POINT NETWORK THEN GO HERE WHAT IS POINT TO POINT.



IF YOU ARE VISITING A WEBSITE IN A PUBLIC WIFI OR A WIFI IN WHICH OTHERS ARE ALSO CONNECTED OR FROM YOUR MOBILE HOTSPOT ANYONE IS CONNECTED MAKE SURE THAT THE WEBSITE HAS HTTPS INSTEAD OF HTTP BEFORE ENTERING ANY SENSITIVE INFORMATION LIKE BANK DETAILS.



Don't GO TO http://www.anything.com

GO TO https://www.anything.com

My Previous Posts:-

• What is Social Engineering?
• Steganography:-Hide file inside another file(What and How)
• WHY KALI OS.WHERE TO GET.

This is all for today. If you have any question, suggestion or you want that I should make a blog on your cyber topic then tell me in the comment section below. Hope you like this post.

Share It To Everyone By Clicking The Share Button. Hope You will do this for me.