ephase/cours
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add MitM attack course

Browse source
This commit is contained in:
Yorick Barbanneau 2022-10-12 23:48:59 +02:00
parent 394ec1a08e
commit 4817388af1
3 changed files with 768 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

437
content/secu_reseaux/2_mitm/images/mitm_bgp.svg Normal file
View file

@ -0,0 +1,437 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="110.26704mm"
height="72.857864mm"
viewBox="0 0 110.26703 72.857863"
version="1.1"
id="svg157"
sodipodi:docname="mitm_bgp.svg"
inkscape:version="1.1.2 (0a00cf5339, 2022-02-04, custom)"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<title
id="title63132">Man in the Middle sur BGP</title>
<sodipodi:namedview
id="namedview41984"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageshadow="2"
inkscape:pageopacity="0.0"
inkscape:pagecheckerboard="0"
inkscape:document-units="mm"
showgrid="false"
inkscape:zoom="2.2581962"
inkscape:cx="187.09623"
inkscape:cy="190.41747"
inkscape:window-width="1428"
inkscape:window-height="862"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="svg157"
inkscape:snap-global="false"
lock-margins="true"
fit-margin-top="7"
fit-margin-left="7"
fit-margin-right="7"
fit-margin-bottom="7" />
<defs
id="defs154">
<marker
style="overflow:visible"
id="marker29284"
refX="0"
refY="0"
orient="auto"
inkscape:stockid="Arrow2Mend"
inkscape:isstock="true">
<path
transform="scale(-0.6)"
d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
style="fill:context-stroke;fill-rule:evenodd;stroke:context-stroke;stroke-width:0.625;stroke-linejoin:round"
id="path29042" />
</marker>
<marker
style="overflow:visible"
id="Arrow1Send"
refX="0"
refY="0"
orient="auto"
inkscape:stockid="Arrow1Send"
inkscape:isstock="true">
<path
transform="matrix(-0.2,0,0,-0.2,-1.2,0)"
style="fill:context-stroke;fill-rule:evenodd;stroke:context-stroke;stroke-width:1pt"
d="M 0,0 5,-5 -12.5,0 5,5 Z"
id="path29030" />
</marker>
<marker
style="overflow:visible"
id="marker77151"
refX="0"
refY="0"
orient="auto"
inkscape:stockid="Arrow2Mend"
inkscape:isstock="true">
<path
transform="scale(-0.6)"
d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
style="fill:context-stroke;fill-rule:evenodd;stroke:context-stroke;stroke-width:0.625;stroke-linejoin:round"
id="path77149" />
</marker>
<marker
style="overflow:visible"
id="marker77141"
refX="0"
refY="0"
orient="auto"
inkscape:stockid="Arrow2Mend"
inkscape:isstock="true">
<path
transform="scale(-0.6)"
d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
style="fill:context-stroke;fill-rule:evenodd;stroke:context-stroke;stroke-width:0.625;stroke-linejoin:round"
id="path77139" />
</marker>
<marker
style="overflow:visible"
id="Arrow2Mend"
refX="0"
refY="0"
orient="auto"
inkscape:stockid="Arrow2Mend"
inkscape:isstock="true">
<path
transform="scale(-0.6)"
d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
style="fill:context-stroke;fill-rule:evenodd;stroke:context-stroke;stroke-width:0.625;stroke-linejoin:round"
id="path69623" />
</marker>
<marker
style="overflow:visible"
id="marker118266"
refX="0"
refY="0"
orient="auto">
<path
transform="scale(-0.6)"
d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
style="fill:context-stroke;fill-rule:evenodd;stroke:context-stroke;stroke-width:0.625;stroke-linejoin:round"
id="path118264" />
</marker>
</defs>
<path
style="fill:#6a6969;fill-opacity:1;stroke:none;stroke-width:0.139682px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
d="m 46.99181,58.742178 1.353572,6.382089 c 0.969147,1.007986 2.378494,0.947812 3.239198,0 0,0 1.570551,-6.081993 1.609694,-6.382089 -1.493195,-0.83092 -3.915404,-1.039948 -6.202464,0 z"
id="path1184"
sodipodi:nodetypes="ccccc" />
<g
id="g65642"
transform="translate(-23.436801,10.3768)">
<path
id="path43581"
style="fill:#ffffff;stroke:#41e6a8;stroke-width:0.6"
d="m 64.457952,27.409169 a 3.773,3.7733111 0 0 1 -3.773,3.773311 3.773,3.7733111 0 0 1 -3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,3.773311 z" />
<path
id="path12663"
style="fill:#4d4d4d;fill-opacity:1;stroke:none;stroke-width:0.0194393px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
d="m 63.911762,23.542159 c -0.01218,1.17e-4 -0.02267,0.0014 -0.03075,0.0041 -0.16718,0.110306 -0.284834,0.567871 -0.284834,0.567871 l -0.02943,0.409517 -1.222098,1.15408 0.196449,0.239858 0.17715,0.348952 1.316177,-1.290651 c 0.246749,-0.02162 0.793881,0.119699 0.95339,3.04e-4 l 0.07558,-0.506883 -0.258047,-0.310473 -0.537642,0.08526 0.258809,-0.246581 -0.207835,-0.347846 c 0,0 -0.288588,-0.108661 -0.40692,-0.107523 z m -6.79284,0.170196 c -0.110101,7.3e-4 -0.407074,0.144555 -0.407074,0.144555 l -0.175433,0.365269 0.280134,0.222086 -0.543185,-0.03611 -0.228775,0.332597 0.121248,0.497941 c 0.169685,0.104423 0.70176,-0.08596 0.949454,-0.08681 l 1.343421,1.112963 0.148872,-0.303862 0.237906,-0.298779 -1.305476,-1.003143 -0.06649,-0.405163 c 0,0 -0.158732,-0.444989 -0.335234,-0.539668 -0.0055,-0.0013 -0.01202,-0.0019 -0.01937,-0.0019 z m 3.541722,1.515375 v 3.8e-5 4.52e-4 c -0.165892,0.03823 -1.444251,0.355437 -1.522293,0.44005 -0.06812,0.07384 -0.521617,0.603311 -0.62855,1.163557 -0.053,0.277701 0.388081,0.78077 0.533517,0.937265 0.306106,0.329382 0.848957,0.295684 0.848957,0.295684 l -0.157394,0.707459 c -0.004,0.0021 -0.0076,0.0049 -0.0106,0.0084 l -0.0653,0.284833 0.26221,0.180629 0.05662,-0.06924 -0.0012,0.116093 0.207913,0.09595 0.06932,-0.06795 0.0092,0.11097 0.304206,0.09671 0.05835,-0.09423 0.02773,0.102984 0.375587,0.05911 0.04216,-0.08162 0.04505,0.07234 0.274248,-0.0046 0.02361,-0.06611 0.05591,0.07245 0.316473,-0.09147 0.0019,-0.09508 0.04823,0.04601 0.252543,-0.131178 0.01704,-0.0963 0.07065,0.05492 0.16691,-0.188845 c -0.01624,-0.09179 -0.06274,-0.222153 -0.07191,-0.247767 7.66e-4,-1.47e-4 0.0013,-4.51e-4 0.0021,-5.9e-4 l -0.321936,-0.774023 c 0,0 0.774784,-0.55474 0.784341,-1.010709 0.01107,-0.604877 -0.611605,-1.523912 -1.173184,-1.60867 -0.178252,-0.01281 -0.902379,-0.217655 -0.902379,-0.217655 z m 1.079375,0.839862 c 0.176291,-9.38e-4 0.431161,0.122655 0.534204,0.244404 0.125059,0.147764 0.149884,0.473316 0.112346,0.700771 -0.03393,0.205603 -0.361696,0.68345 -0.565386,0.697638 -0.223029,0.0155 -0.429552,-0.219522 -0.495916,-0.30478 -0.02438,-0.03132 -0.160109,-0.335053 -0.160109,-0.506729 0,-0.448175 0.411322,-0.798379 0.504781,-0.822897 0.0213,-0.0055 0.04489,-0.0082 0.07008,-0.0084 z m -1.324851,0.006 c 0.02519,1.4e-4 0.04878,0.0028 0.07008,0.0084 0.09347,0.02453 0.504744,0.374721 0.504744,0.822897 0,0.171677 -0.135685,0.475402 -0.16007,0.506729 -0.06636,0.08526 -0.272887,0.320315 -0.495916,0.30478 -0.20369,-0.01423 -0.531496,-0.492034 -0.565424,-0.697636 -0.03754,-0.227457 -0.01265,-0.553009 0.112346,-0.700772 0.103047,-0.121754 0.357951,-0.245356 0.534241,-0.244404 z m 0.614948,1.477622 0.115903,0.159725 0.01423,0.696454 c 0,0 -0.398174,0.0733 -0.432484,0.03676 -0.0071,-0.0076 0.212125,-0.877974 0.291139,-0.892099 0.0038,-6.59e-4 0.0076,-9.72e-4 0.01123,-8.33e-4 z m 0.317808,0.006 c 0.0032,-7.3e-5 0.006,7.31e-4 0.0084,0.0025 0.01673,0.03242 0.274357,0.833093 0.235384,0.917854 -0.03898,0.08475 -0.376272,-0.06882 -0.376272,-0.06882 -0.04745,-0.244092 0.01471,-0.696804 0.01471,-0.704898 0.01534,-0.05892 0.0866,-0.145662 0.11788,-0.14669 z m -1.977702,0.640165 -1.63452,1.423439 c -0.24675,0.02162 -0.793881,-0.119699 -0.953391,-2.96e-4 l -0.07558,0.506883 0.347922,0.241539 0.294996,-0.151054 -0.106083,0.381318 0.207873,0.347844 c 0,0 0.351356,0.132301 0.437643,0.103396 0.16718,-0.110306 0.28487,-0.567869 0.28487,-0.567869 l 0.02943,-0.409519 1.264054,-1.155035 0.157094,-0.671538 z m 2.869648,0.01139 0.154453,0.446967 0.16137,0.50394 0.979298,0.813306 -0.09366,0.424383 c 0,0 0.332097,0.422154 0.510054,0.514066 0.08886,0.01956 0.424193,-0.14933 0.424193,-0.14933 l 0.169699,-0.367981 -0.283534,-0.217694 0.543644,0.02762 0.07134,-0.365612 -0.05227,-0.247195 C 64.653162,29.489487 64.199612,29.468853 63.951962,29.47358 Z" />
</g>
<g
id="g65632"
transform="translate(-24.113794,-23.87321)"
style="font-size:10.5833px;line-height:1.25;letter-spacing:0px;stroke-width:0.264583">
<path
id="ellipse21095"
style="fill:#ffffff;stroke:#41e6a8;stroke-width:0.6"
d="m 51.076715,38.328073 a 3.773,3.7733111 0 0 1 -3.773,3.773311 3.773,3.7733111 0 0 1 -3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,3.773311 z" />
<g
aria-label="A"
id="text51067"
style="font-size:5.67924px;fill:#999999;stroke-width:0.0375658">
<path
d="m 48.056601,39.643893 h -1.503002 l -0.238484,0.754274 h -0.965027 l 1.380987,-4.140189 h 1.145277 l 1.380987,4.140189 h -0.9678 z m -1.264518,-0.76814 h 1.020488 L 47.3051,37.228552 Z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed';fill:#4d4d4d;fill-opacity:1"
id="path65607" />
</g>
</g>
<g
id="g65638"
transform="translate(15.503511,-32.808028)"
style="font-size:10.5833px;line-height:1.25;letter-spacing:0px;stroke-width:0.264583">
<path
id="path60996"
style="fill:#ffffff;stroke:#41e6a8;stroke-width:0.6"
d="m 63.689663,43.881339 a 3.773,3.7733111 0 0 1 -3.773,3.773311 3.773,3.7733111 0 0 1 -3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,3.773311 z" />
<g
aria-label="B"
id="text61000"
style="font-size:5.67924px;fill:#999999;stroke-width:0.0375658">
<path
d="m 59.875067,43.414075 q 0.227391,0 0.34386,-0.110922 0.119242,-0.110923 0.119242,-0.327222 0,-0.213526 -0.119242,-0.324449 -0.116469,-0.113696 -0.34386,-0.113696 h -0.529656 v 0.876289 z m 0.03328,1.810813 q 0.291172,0 0.435371,-0.13588 0.146973,-0.135881 0.146973,-0.410414 0,-0.268988 -0.146973,-0.402095 -0.144199,-0.13588 -0.435371,-0.13588 h -0.562933 v 1.084269 z m 0.892927,-1.489137 q 0.310584,0.09983 0.479741,0.368818 0.169157,0.268987 0.169157,0.65999 0,0.598982 -0.366045,0.892927 -0.363272,0.293945 -1.106454,0.293945 H 58.38316 v -4.140188 h 1.441995 q 0.776458,0 1.123092,0.260668 0.349406,0.260668 0.349406,0.834693 0,0.302264 -0.127561,0.515791 -0.124788,0.210753 -0.368818,0.313356 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed';fill:#4d4d4d;fill-opacity:1"
id="path65586" />
</g>
</g>
<metadata
id="metadata128720">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:creator>
<cc:Agent>
<dc:title>Yorick Barbanneau ^ ephase</dc:title>
</cc:Agent>
</dc:creator>
<dc:rights>
<cc:Agent>
<dc:title>CC BY-SA</dc:title>
</cc:Agent>
</dc:rights>
<cc:license
rdf:resource="http://creativecommons.org/licenses/by-sa/4.0/" />
<dc:title>Man in the Middle sur BGP</dc:title>
</cc:Work>
<cc:License
rdf:about="http://creativecommons.org/licenses/by-sa/4.0/">
<cc:permits
rdf:resource="http://creativecommons.org/ns#Reproduction" />
<cc:permits
rdf:resource="http://creativecommons.org/ns#Distribution" />
<cc:requires
rdf:resource="http://creativecommons.org/ns#Notice" />
<cc:requires
rdf:resource="http://creativecommons.org/ns#Attribution" />
<cc:permits
rdf:resource="http://creativecommons.org/ns#DerivativeWorks" />
<cc:requires
rdf:resource="http://creativecommons.org/ns#ShareAlike" />
</cc:License>
</rdf:RDF>
</metadata>
<g
id="g49978"
transform="translate(-64.557516,17.472001)">
<path
id="path42226"
style="font-size:10.5833px;line-height:1.25;letter-spacing:0px;fill:#ffffff;stroke:#41e6a8;stroke-width:0.6"
d="m 79.403516,27.368929 a 3.773,3.7733111 0 0 1 -3.773,3.773311 3.773,3.7733111 0 0 1 -3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,3.773311 z" />
<g
aria-label="C"
id="text42921"
style="font-size:5.43003px;line-height:1.25;fill:#4d4d4d;stroke-width:0.135751"
transform="translate(30.732606,-2.8358533)">
<path
d="m 46.164628,31.881124 q -0.254533,0.145826 -0.530277,0.220065 -0.273092,0.07424 -0.570047,0.07424 -0.890864,0 -1.410535,-0.551488 -0.519671,-0.554139 -0.519671,-1.500682 0,-0.949195 0.519671,-1.500682 0.519671,-0.554139 1.410535,-0.554139 0.296955,0 0.570047,0.07424 0.275744,0.07424 0.530277,0.220065 v 0.819276 q -0.257184,-0.19355 -0.506414,-0.283697 -0.246579,-0.09015 -0.519671,-0.09015 -0.493157,0 -0.774204,0.349982 -0.281046,0.349982 -0.281046,0.965103 0,0.612469 0.281046,0.962452 0.281047,0.349982 0.774204,0.349982 0.273092,0 0.519671,-0.09015 0.24923,-0.09015 0.506414,-0.283698 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed'"
id="path49954" />
</g>
</g>
<path
style="fill:none;stroke:#de6a66;stroke-width:0.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:1, 0.5;stroke-dashoffset:0;stroke-opacity:1;marker-end:url(#marker77151)"
d="m 41.747047,39.112539 c 0,0 48.052305,24.403745 58.408983,2.564833 C 110.5127,19.83846 90.109059,15.306833 80.93809,12.281576"
id="path76639"
sodipodi:nodetypes="czc" />
<g
id="g69487"
transform="translate(1.83425,16.364986)">
<rect
style="fill:#ffffff;fill-opacity:1;stroke:#41e6a8;stroke-width:0.526969;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1;stop-color:#000000"
id="rect50002"
width="6.770577"
height="6.770577"
x="59.259354"
y="26.742046" />
<g
aria-label="1"
id="text58282"
style="font-size:6.16474px;line-height:1.25;fill:#4d4d4d;stroke-width:0.154119">
<path
d="m 61.278682,31.664757 h 0.921099 v -2.904773 l -0.94518,0.216729 V 28.18806 l 0.939159,-0.216729 h 0.993342 v 3.693426 h 0.921099 v 0.800693 h -2.829519 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed'"
id="path69463" />
</g>
</g>
<g
id="g69497"
transform="translate(13.901411,10.674665)">
<rect
style="fill:#ffffff;fill-opacity:1;stroke:#41e6a8;stroke-width:0.526969;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1;stop-color:#000000"
id="rect65581"
width="6.770577"
height="6.770577"
x="78.178421"
y="33.420956" />
<g
aria-label="2"
id="text65585"
style="font-size:6.16474px;line-height:1.25;fill:#4d4d4d;stroke-width:0.154119">
<path
d="m 81.145939,38.292494 h 1.778985 V 39.14436 H 79.98704 v -0.851866 l 1.474962,-1.447871 q 0.198669,-0.198669 0.291983,-0.388307 0.09632,-0.189638 0.09632,-0.394326 0,-0.316064 -0.192648,-0.508712 -0.189638,-0.192648 -0.505702,-0.192648 -0.24382,0 -0.535802,0.117395 -0.288972,0.114385 -0.620086,0.343154 v -0.987321 q 0.352184,-0.129436 0.695339,-0.195659 0.346165,-0.06923 0.677278,-0.06923 0.725441,0 1.125788,0.355195 0.403357,0.355195 0.403357,0.990331 0,0.367236 -0.171577,0.686309 -0.168567,0.316064 -0.71641,0.848856 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed'"
id="path69457" />
</g>
</g>
<g
id="g69492"
transform="translate(19.885104,-4.6594075)">
<rect
style="fill:#ffffff;fill-opacity:1;stroke:#41e6a8;stroke-width:0.526969;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1;stop-color:#000000"
id="rect67195"
width="6.770577"
height="6.770577"
x="75.447449"
y="21.402767" />
<g
aria-label="3"
id="text67199"
style="font-size:6.16474px;line-height:1.25;fill:#4d4d4d;stroke-width:0.154119">
<path
d="m 79.519453,24.585852 q 0.406367,0.117395 0.620086,0.409378 0.213719,0.288972 0.213719,0.737481 0,0.668248 -0.460549,1.017423 -0.46055,0.346164 -1.345527,0.346164 -0.310043,0 -0.623096,-0.05719 -0.313053,-0.05418 -0.620086,-0.165557 v -0.894008 q 0.291982,0.162547 0.580954,0.246831 0.288972,0.08127 0.568914,0.08127 0.415398,0 0.635137,-0.159537 0.219739,-0.159536 0.219739,-0.457539 0,-0.307033 -0.225759,-0.46356 -0.22576,-0.159536 -0.668249,-0.159536 H 77.999339 V 24.32096 h 0.439478 q 0.391317,0 0.583965,-0.135456 0.192648,-0.138465 0.192648,-0.418407 0,-0.258871 -0.186628,-0.400347 -0.186628,-0.141476 -0.529782,-0.141476 -0.252851,0 -0.508711,0.06321 -0.255861,0.06321 -0.511722,0.186628 V 22.62626 q 0.310043,-0.09632 0.611056,-0.144486 0.304023,-0.04816 0.596005,-0.04816 0.788653,0 1.17997,0.288972 0.391316,0.285962 0.391316,0.863906 0,0.394327 -0.186628,0.647178 -0.186628,0.24984 -0.550853,0.352184 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed'"
id="path69460" />
</g>
</g>
<g
id="path103394"
transform="rotate(-58.814257,64.457424,106.68445)">
<path
style="color:#000000;fill:#ff2ad4;-inkscape-stroke:none"
d="m 88.806641,34.435547 c -0.03237,7.058597 5.615007,12.9257 14.431639,12.892578 l -0.002,-0.398438 C 94.596705,46.962145 89.17564,41.282809 89.207031,34.4375 Z"
id="path131898" />
<g
id="g131888">
<g
id="path131890">
<path
style="color:#000000;fill:#ff2ad4;fill-rule:evenodd;stroke-width:0.15;stroke-linejoin:round;-inkscape-stroke:none"
d="m 88.029762,36.524968 0.976268,-2.617762 0.952218,2.626605 c -0.567367,-0.421525 -1.346264,-0.422683 -1.928486,-0.0088 z"
id="path131894" />
<path
style="color:#000000;fill:#ff2ad4;fill-rule:evenodd;stroke-linejoin:round;-inkscape-stroke:none"
d="m 89.005859,33.832031 a 0.0750075,0.0750075 0 0 0 -0.07031,0.04883 l -0.976563,2.617188 a 0.0750075,0.0750075 0 0 0 -0.0039,0.02734 0.0750075,0.0750075 0 0 0 0.117188,0.06055 c 0.556422,-0.395542 1.300754,-0.394154 1.841796,0.0078 a 0.0750075,0.0750075 0 0 0 0.115235,-0.08594 L 89.07618,33.880846 a 0.0750075,0.0750075 0 0 0 -0.07031,-0.04883 z m 0,0.292969 0.832032,2.292969 c -0.524151,-0.30777 -1.151636,-0.307722 -1.685547,-0.0059 z"
id="path131896" />
</g>
</g>
</g>
<use
x="0"
y="0"
xlink:href="#path103394"
id="use154"
transform="matrix(0.72773129,0.68586236,0.68586236,-0.72773129,-15.356997,40.684023)"
width="100%"
height="100%" />
<g
id="path440">
<path
style="color:#000000;fill:#000000;fill-opacity:0;stroke-width:0.4;-inkscape-stroke:none"
d="m 39.666441,43.262315 c 3.151577,5.950738 11.523437,8.93801 18.317223,6.236332 -3.882949,1.666409 -4.569009,2.187703 -7.288537,7.798845"
id="path170" />
<path
style="color:#000000;fill:#ff2ad4;fill-opacity:0.815686;-inkscape-stroke:none"
d="m 39.84375,43.167969 -0.353516,0.1875 c 2.844809,5.371505 9.823245,8.326207 16.175782,7.017578 -0.733653,0.40239 -1.357331,0.833461 -1.908204,1.408203 -1.025399,1.06983 -1.880606,2.620367 -3.242187,5.429687 L 50.875,57.384766 c 1.357944,-2.801816 2.203627,-4.317923 3.171875,-5.328125 0.967116,-1.009022 2.075519,-1.542811 4.009766,-2.373047 0.0023,-9.72e-4 0.0036,-9.81e-4 0.0059,-0.002 L 57.910156,49.3125 c -0.0019,7.67e-4 -0.0039,0.0012 -0.0059,0.002 -6.693298,2.658115 -14.965471,-0.30243 -18.060547,-6.146484 z"
id="path172" />
<g
id="g160">
<g
id="path162">
<path
style="color:#000000;fill:#ff2ad4;fill-rule:evenodd;stroke-width:0.15;stroke-linejoin:round;-inkscape-stroke:none"
d="m 52.478903,55.836757 -2.011363,1.939121 0.275941,-2.780221 c 0.329589,0.625269 1.031551,0.962804 1.735422,0.8411 z"
id="path166" />
<path
style="color:#000000;fill:#ff2ad4;fill-rule:evenodd;stroke-linejoin:round;-inkscape-stroke:none"
d="m 50.728516,54.921875 a 0.0750075,0.0750075 0 0 0 -0.06055,0.06641 l -0.275391,2.779297 a 0.0750075,0.0750075 0 0 0 0.126953,0.0625 l 2.011719,-1.939453 a 0.0750075,0.0750075 0 0 0 -0.06445,-0.126953 c -0.672681,0.116311 -1.341953,-0.206476 -1.65625,-0.802735 a 0.0750075,0.0750075 0 0 0 -0.08203,-0.03906 z m 0.07422,0.230469 c 0.339875,0.504458 0.905224,0.776259 1.517578,0.734375 L 50.5625,57.580078 Z"
id="path168" />
</g>
</g>
</g>
<path
style="fill:#ececec;stroke:none;stroke-width:0.0510115;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 48.416595,61.158492 c -0.977644,-0.849852 0.669635,-2.980003 1.292275,-1.493782 -0.05751,1.538313 -2.854228,0.962166 -1.906705,-0.498608 0.380074,-1.151926 2.435255,-0.178078 1.477885,0.561865 -0.581334,-0.07886 -2.000102,-0.531682 -1.530148,0.569351 0.639811,0.900404 1.874063,-0.344151 1.57173,-0.782109 -0.05944,0.512192 0.518068,-0.727274 0.607551,0.08588 0.130148,0.943555 0.82697,-0.204627 1.091876,0.542088 0.610841,0.331608 0.15461,-0.62066 0.07498,0.122179 0.525675,1.257394 1.851703,-0.628642 1.095594,-1.295419 -0.835206,-0.392283 -0.903396,1.636724 -1.786054,0.985798 -0.06604,-0.878377 -1.158661,-1.788098 -1.706807,-0.674576 -0.704557,0.661527 0.478717,0.330401 0.630915,0.710208 0.34931,0.718678 0.863177,0.338572 1.256187,-0.04022 0.767238,0.01608 1.849454,0.06361 1.658408,-1.047784 -0.101012,1.110555 -1.315811,-0.149981 -1.700928,0.829573 -0.778556,1.04105 -1.689451,-0.100734 -1.948391,-0.905055 -0.392678,-0.190579 -0.550257,0.461052 -0.578078,0.740747"
id="path26364" />
<path
style="fill:#999999;fill-opacity:1;stroke:none;stroke-width:0.139682px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
d="m 46.99181,58.742178 1.353572,6.382089 c 0.969147,1.007986 2.378494,0.947812 3.239198,0 0,0 1.570551,-6.081993 1.609694,-6.382089 -1.530441,0.888206 -4.456496,0.816203 -6.202464,0 z"
id="path475"
sodipodi:nodetypes="ccccc" />
<g
id="g62829"
transform="translate(0.73592967,0.32945313)">
<circle
style="fill:#ffffff;fill-opacity:0.968252;stroke:#ff2ad4;stroke-width:0.4;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:0.815686;stop-color:#000000"
id="path49640"
cx="45.287933"
cy="48.673214"
r="2.2689548" />
<g
aria-label="3"
id="text46816"
style="font-size:3.63017px;line-height:1.25;fill:#ff2ad4;fill-opacity:0.815686;stroke-width:0.226885">
<path
d="m 45.694731,48.567746 q 0.239293,0.06913 0.365144,0.241066 0.12585,0.170164 0.12585,0.434274 0,0.393504 -0.271199,0.599119 -0.271199,0.203843 -0.792327,0.203843 -0.182572,0 -0.366917,-0.03368 -0.184344,-0.03191 -0.365144,-0.09749 v -0.526446 q 0.171937,0.09572 0.342101,0.145349 0.170164,0.04786 0.335011,0.04786 0.244611,0 0.374007,-0.09394 0.129396,-0.09394 0.129396,-0.269427 0,-0.1808 -0.132941,-0.272972 -0.132941,-0.09394 -0.393505,-0.09394 h -0.244611 v -0.439591 h 0.258791 q 0.230431,0 0.343874,-0.07976 0.113443,-0.08154 0.113443,-0.246384 0,-0.152439 -0.109898,-0.235748 -0.109898,-0.08331 -0.311968,-0.08331 -0.148893,0 -0.29956,0.03722 -0.150666,0.03722 -0.301332,0.109898 V 47.41382 q 0.182572,-0.05672 0.359826,-0.08508 0.179027,-0.02836 0.350964,-0.02836 0.464406,0 0.694837,0.170165 0.230431,0.168391 0.230431,0.50872 0,0.232203 -0.109898,0.381097 -0.109898,0.147121 -0.324375,0.207387 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed'"
id="path1808" />
</g>
</g>
<g
id="g62824"
transform="translate(24.811898,27.56597)">
<circle
style="fill:#ffffff;fill-opacity:0.968252;stroke:#de6a66;stroke-width:0.4;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1;stop-color:#000000"
id="circle55086"
cx="55.412308"
cy="23.088493"
r="2.2689548" />
<g
aria-label="1"
id="text55090"
style="font-size:3.63017px;line-height:1.25;fill:#de6a66;stroke-width:0.226885">
<path
d="m 54.679359,23.938427 h 0.542399 v -1.710505 l -0.556579,0.127623 v -0.464406 l 0.553034,-0.127624 h 0.584939 v 2.174912 h 0.542399 v 0.471497 h -1.666192 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed'"
id="path62791" />
</g>
<circle
style="fill:#ffffff;fill-opacity:0.968252;stroke:#de6a66;stroke-width:0.4;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1;stop-color:#000000"
id="circle62812"
cx="55.412308"
cy="23.088493"
r="2.2689548" />
<g
aria-label="1"
id="g62816"
style="font-size:3.63017px;line-height:1.25;fill:#de6a66;stroke-width:0.226885">
<path
d="m 54.679359,23.938427 h 0.542399 v -1.710505 l -0.556579,0.127623 v -0.464406 l 0.553034,-0.127624 h 0.584939 v 2.174912 h 0.542399 v 0.471497 h -1.666192 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed'"
id="path62814" />
</g>
</g>
<use
x="0"
y="0"
xlink:href="#g62829"
id="use62831"
transform="translate(-19.266212,0.08802677)"
width="100%"
height="100%" />
<use
x="0"
y="0"
xlink:href="#use62831"
id="use62833"
transform="translate(10.981986,-24.835847)"
width="100%"
height="100%" />
</svg>
Side by side

After

Width:  |  Height:  |  Size: 27 KiB

189
content/secu_reseaux/2_mitm/images/rebond.svg Normal file
View file

@ -0,0 +1,189 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
width="61.302681mm"
height="50.090916mm"
viewBox="0 0 61.30268 50.090915"
version="1.1"
id="svg157"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://www.w3.org/2000/svg"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:dc="http://purl.org/dc/elements/1.1/">
<title
id="title128722">Interception</title>
<defs
id="defs154">
<marker
style="overflow:visible"
id="marker118266"
refX="0"
refY="0"
orient="auto">
<path
transform="scale(-0.6)"
d="M 8.7185878,4.0337352 -2.2072895,0.01601326 8.7185884,-4.0017078 c -1.7454984,2.3720609 -1.7354408,5.6174519 -6e-7,8.035443 z"
style="fill:context-stroke;fill-rule:evenodd;stroke:context-stroke;stroke-width:0.625;stroke-linejoin:round"
id="path118264" />
</marker>
</defs>
<g
id="g65632"
transform="translate(-36.230715,-22.312855)"
style="font-size:10.5833px;line-height:1.25;letter-spacing:0px;stroke-width:0.264583">
<path
id="ellipse21095"
style="fill:#ffffff;stroke:#41e6a8;stroke-width:0.6"
d="m 51.076715,38.328073 a 3.773,3.7733111 0 0 1 -3.773,3.773311 3.773,3.7733111 0 0 1 -3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,3.773311 z" />
<g
aria-label="A"
id="text51067"
style="font-size:5.67924px;fill:#999999;stroke-width:0.0375658">
<path
d="m 48.056601,39.643893 h -1.503002 l -0.238484,0.754274 h -0.965027 l 1.380987,-4.140189 h 1.145277 l 1.380987,4.140189 h -0.9678 z m -1.264518,-0.76814 h 1.020488 L 47.3051,37.228552 Z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed';fill:#4d4d4d;fill-opacity:1"
id="path65607" />
</g>
</g>
<g
id="g65638"
transform="translate(-9.686982,-27.866121)"
style="font-size:10.5833px;line-height:1.25;letter-spacing:0px;stroke-width:0.264583">
<path
id="path60996"
style="fill:#ffffff;stroke:#41e6a8;stroke-width:0.6"
d="m 63.689663,43.881339 a 3.773,3.7733111 0 0 1 -3.773,3.773311 3.773,3.7733111 0 0 1 -3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,3.773311 z" />
<g
aria-label="B"
id="text61000"
style="font-size:5.67924px;fill:#999999;stroke-width:0.0375658">
<path
d="m 59.875067,43.414075 q 0.227391,0 0.34386,-0.110922 0.119242,-0.110923 0.119242,-0.327222 0,-0.213526 -0.119242,-0.324449 -0.116469,-0.113696 -0.34386,-0.113696 h -0.529656 v 0.876289 z m 0.03328,1.810813 q 0.291172,0 0.435371,-0.13588 0.146973,-0.135881 0.146973,-0.410414 0,-0.268988 -0.146973,-0.402095 -0.144199,-0.13588 -0.435371,-0.13588 h -0.562933 v 1.084269 z m 0.892927,-1.489137 q 0.310584,0.09983 0.479741,0.368818 0.169157,0.268987 0.169157,0.65999 0,0.598982 -0.366045,0.892927 -0.363272,0.293945 -1.106454,0.293945 H 58.38316 v -4.140188 h 1.441995 q 0.776458,0 1.123092,0.260668 0.349406,0.260668 0.349406,0.834693 0,0.302264 -0.127561,0.515791 -0.124788,0.210753 -0.368818,0.313356 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed';fill:#4d4d4d;fill-opacity:1"
id="path65586" />
</g>
</g>
<metadata
id="metadata128720">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:title>Interception</dc:title>
<dc:creator>
<cc:Agent>
<dc:title>Yorick Barbanneau ^ ephase</dc:title>
</cc:Agent>
</dc:creator>
<dc:rights>
<cc:Agent>
<dc:title>CC BY-SA</dc:title>
</cc:Agent>
</dc:rights>
<cc:license
rdf:resource="http://creativecommons.org/licenses/by-sa/4.0/" />
</cc:Work>
<cc:License
rdf:about="http://creativecommons.org/licenses/by-sa/4.0/">
<cc:permits
rdf:resource="http://creativecommons.org/ns#Reproduction" />
<cc:permits
rdf:resource="http://creativecommons.org/ns#Distribution" />
<cc:requires
rdf:resource="http://creativecommons.org/ns#Notice" />
<cc:requires
rdf:resource="http://creativecommons.org/ns#Attribution" />
<cc:permits
rdf:resource="http://creativecommons.org/ns#DerivativeWorks" />
<cc:requires
rdf:resource="http://creativecommons.org/ns#ShareAlike" />
</cc:License>
</rdf:RDF>
</metadata>
<g
id="g464"
transform="matrix(-0.79768435,0.84833119,-0.84833119,-0.79768435,137.5366,-36.881012)"
style="fill:#7137c8;fill-opacity:1">
<path
style="color:#000000;fill:#7137c8;fill-opacity:1;-inkscape-stroke:none"
d="m 88.806641,34.435547 c -0.03237,7.058597 5.615007,12.9257 14.431639,12.892578 l -0.002,-0.398438 C 94.596705,46.962145 89.17564,41.282809 89.207031,34.4375 Z"
id="path454" />
<g
id="g462"
style="fill:#7137c8;fill-opacity:1">
<g
id="g460"
style="fill:#7137c8;fill-opacity:1">
<path
style="color:#000000;fill:#7137c8;fill-opacity:1;fill-rule:evenodd;stroke-width:0.15;stroke-linejoin:round;-inkscape-stroke:none"
d="m 88.029762,36.524968 0.976268,-2.617762 0.952218,2.626605 c -0.567367,-0.421525 -1.346264,-0.422683 -1.928486,-0.0088 z"
id="path456" />
<path
style="color:#000000;fill:#7137c8;fill-opacity:1;fill-rule:evenodd;stroke-linejoin:round;-inkscape-stroke:none"
d="m 89.005859,33.832031 a 0.0750075,0.0750075 0 0 0 -0.07031,0.04883 l -0.976563,2.617188 a 0.0750075,0.0750075 0 0 0 -0.0039,0.02734 0.0750075,0.0750075 0 0 0 0.117188,0.06055 c 0.556422,-0.395542 1.300754,-0.394154 1.841796,0.0078 a 0.0750075,0.0750075 0 0 0 0.115235,-0.08594 L 89.07618,33.880846 a 0.0750075,0.0750075 0 0 0 -0.07031,-0.04883 z m 0,0.292969 0.832032,2.292969 c -0.524151,-0.30777 -1.151636,-0.307722 -1.685547,-0.0059 z"
id="path458" />
</g>
</g>
</g>
<path
id="rect488"
style="fill:#de6a66;fill-opacity:1;stroke:none;stroke-width:0.292743;-inkscape-stroke:none;stop-color:#000000"
d="m 42.093305,9.6067538 v 1.9430342 h 0.957048 c 0.338778,0 0.611331,-0.27307 0.611331,-0.611849 v -0.719853 c 0,-0.3387809 -0.272553,-0.6113322 -0.611331,-0.6113322 z m 2.435511,0 c -0.338778,0 -0.611333,0.2725513 -0.611333,0.6113322 v 0.719853 c 0,0.338779 0.272555,0.611849 0.611333,0.611849 h 1.040246 V 9.6067538 Z m -1.787488,2.1378542 c -0.33878,0 -0.611333,0.272553 -0.611333,0.611332 v 0.72037 c 0,0.338779 0.272553,0.611332 0.611333,0.611332 h 2.189014 c 0.338778,0 0.611331,-0.272553 0.611331,-0.611332 v -0.72037 c 0,-0.338779 -0.272553,-0.611332 -0.611331,-0.611332 z m -0.648023,2.206583 v 1.943034 h 0.957048 c 0.338778,0 0.611331,-0.273069 0.611331,-0.611849 v -0.719852 c 0,-0.33878 -0.272553,-0.611333 -0.611331,-0.611333 z m 2.435511,0 c -0.338778,0 -0.611333,0.272553 -0.611333,0.611333 v 0.719852 c 0,0.33878 0.272555,0.611849 0.611333,0.611849 h 1.040246 v -1.943034 z m -1.787488,2.137854 c -0.33878,0 -0.611333,0.272553 -0.611333,0.611332 v 0.72037 c 0,0.33878 0.272553,0.611332 0.611333,0.611332 h 2.189014 c 0.338778,0 0.611331,-0.272552 0.611331,-0.611332 v -0.72037 c 0,-0.338779 -0.272553,-0.611332 -0.611331,-0.611332 z m -0.648023,2.137338 v 1.943033 h 0.957048 c 0.338778,0 0.611331,-0.273069 0.611331,-0.611849 v -0.719852 c 0,-0.33878 -0.272553,-0.611332 -0.611331,-0.611332 z m 2.41949,0 c -0.331398,0.0083 -0.595312,0.277846 -0.595312,0.611332 v 0.719852 c 0,0.33878 0.272555,0.611849 0.611333,0.611849 h 1.040246 v -1.943033 h -1.040246 c -0.0053,0 -0.01076,-1.33e-4 -0.01602,0 z" />
<path
id="rect20484"
style="fill:#ff2ad4;fill-opacity:1;stroke:none;stroke-width:0.0867115;-inkscape-stroke:none;stop-color:#000000"
d="m 40.531492,11.393316 -1.083943,1.083942 -1.083942,-1.083942 -0.472423,0.472423 1.083942,1.083942 -1.083942,1.083943 0.472343,0.472343 1.083943,-1.083942 1.083943,1.083942 0.472423,-0.472423 -1.083943,-1.083942 1.083943,-1.083943 z" />
<g
id="g29556"
transform="matrix(0.11902586,-1.1583605,-1.1583605,-0.11902586,52.868519,146.16307)"
style="fill:#ff2ad4;fill-opacity:1">
<path
style="color:#000000;fill:#ff2ad4;fill-opacity:1;-inkscape-stroke:none"
d="m 88.806641,34.435547 c -0.03237,7.058597 5.615007,12.9257 14.431639,12.892578 l -0.002,-0.398438 C 94.596705,46.962145 89.17564,41.282809 89.207031,34.4375 Z"
id="path29546" />
<g
id="g29554"
style="fill:#ff2ad4;fill-opacity:1">
<g
id="g29552"
style="fill:#ff2ad4;fill-opacity:1">
<path
style="color:#000000;fill:#ff2ad4;fill-opacity:1;fill-rule:evenodd;stroke-width:0.15;stroke-linejoin:round;-inkscape-stroke:none"
d="m 88.029762,36.524968 0.976268,-2.617762 0.952218,2.626605 c -0.567367,-0.421525 -1.346264,-0.422683 -1.928486,-0.0088 z"
id="path29548" />
<path
style="color:#000000;fill:#ff2ad4;fill-opacity:1;fill-rule:evenodd;stroke-linejoin:round;-inkscape-stroke:none"
d="m 89.005859,33.832031 a 0.0750075,0.0750075 0 0 0 -0.07031,0.04883 l -0.976563,2.617188 a 0.0750075,0.0750075 0 0 0 -0.0039,0.02734 0.0750075,0.0750075 0 0 0 0.117188,0.06055 c 0.556422,-0.395542 1.300754,-0.394154 1.841796,0.0078 a 0.0750075,0.0750075 0 0 0 0.115235,-0.08594 L 89.07618,33.880846 a 0.0750075,0.0750075 0 0 0 -0.07031,-0.04883 z m 0,0.292969 0.832032,2.292969 c -0.524151,-0.30777 -1.151636,-0.307722 -1.685547,-0.0059 z"
id="path29550" />
</g>
</g>
</g>
<path
id="path29558"
style="font-size:10.5833px;line-height:1.25;letter-spacing:0px;fill:#ffffff;stroke:#41e6a8;stroke-width:0.6"
d="m 33.486113,39.017605 a 3.773,3.7733111 0 0 1 -3.773,3.773311 3.773,3.7733111 0 0 1 -3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,-3.773311 3.773,3.7733111 0 0 1 3.773,3.773311 z" />
<use
x="0"
y="0"
xlink:href="#g29556"
id="use33553"
transform="rotate(-102.06767,30.477115,19.882284)"
width="100%"
height="100%" />
<g
aria-label="Pi"
id="text34063"
style="font-size:10.5833px;line-height:1.25;fill:#4d4d4d;stroke-width:0.264583"
transform="matrix(0.49265104,0,0,0.49265104,26.258062,22.03804)">
<path
d="m 3.675456,30.433884 h 2.9713854 q 1.3280801,0 2.036045,0.656289 0.7079649,0.651121 0.7079649,1.860345 0,1.214393 -0.7079649,1.870681 -0.7079649,0.651121 -2.036045,0.651121 H 5.4686225 v 2.676831 H 3.675456 Z m 1.7931665,1.441768 v 2.1549 h 0.9870168 q 0.5219303,0 0.8061497,-0.279052 0.2842195,-0.284219 0.2842195,-0.800982 0,-0.516762 -0.2842195,-0.795814 -0.2842194,-0.279052 -0.8061497,-0.279052 z"
style="font-weight:bold;font-stretch:semi-condensed;font-family:'DejaVu Sans';-inkscape-font-specification:'DejaVu Sans Bold Semi-Condensed'"
id="path41388" />
<path
d="m 10.098817,35.834049 h 0.665592 v 2.315102 h -0.665592 z m 0,-0.901237 h 0.665592 v 0.603581 h -0.665592 z"
style="font-size:4.23333px"
id="path41390" />
</g>
</svg>
Side by side

After

Width:  |  Height:  |  Size: 11 KiB

142
content/secu_reseaux/2_mitm/index.md Normal file
View file

@ -0,0 +1,142 @@
---
title: "Sécurité des réseaux : Man in the Middle"
date: 2022-09-20
tags: ["DNS", "TCP", "MitM"]
categories: ["Sécurité des réseaux", "Cours"]
---
Nous allons étudier deux vecteurs d'attaque de ce type:
* **le DNS**: c'est un protocole simple, on pose une question et le serveur
répond. Les attaques majeures se sont produite en 2004, 2014 et 2018.
* **le routage**: celui qui conrôle le routage peut emmener les paquets où il
le souhaite.
## Rappel sur TCP
![Rebond](./images/rebond.svg)
Si **A** n'accède pas à **B** en TCP alors il peut untiliser un picot **Pi**
pour le faire (proxy HTTP, SSH ect.).
Si un attaquant veut interferer dans une communication nentre **A** et **B**, il
y a une série de donnée qu'il devra connaitre:
| IP source | IP destination | port source | port destination | seq | ack |
|-----------|----------------|-------------|------------------|---------|---------|
| 32 bits | 32 bits | 16 bits | 16 bits | 64 bits | 64 bits |
### Fenêtre TCP
C'est un espace tampon dans lequel le système positionne les segments en
attente de traitement. C'est un intervale de numéro de séquences. Lorque la
fenêtre est pleine, l'emmeteur doit arrêter le traitement jusqu'à réception d'un
acquitement.
### Interrompre une communication
Nous avons deux méthodes pour interrompre une communication TCP entre deux
hôtes:
1. envoyer un segment `RST`;
2. initier une nouvelle connexion: renvoyer un `SYN` au milieu d'une connexion
n'est pas sensé arriver;
#### le cas du RST
Pour **se prémunir** d'un `RST` intempestif, TCP intègre un *ACK challenge*. Ce
mécanisme intègre lui même un *rate-limit* par la présence d'un compteur sur
l'*acl challenge*.
### Attaque par SYN
Partons du principe que l'attaquant connait déjà les adresses source et
destination ainsi que le port de destination. **Il lui reste à deviner le port
source**: 16 bis c'est jouable.
Notre attaquant peut aussi obtenir le nombre d'*ACK challenges* disponibles en
testant lui-même en amont.
Notre attaquant envoi un segment TCP forgé en se faisant passer pour la source.
Il envoie ensuite une série d'*ACK challenges**: **S'il en manque un alors c'est
gagné**.
**La contre-mesure**: une fonction de hashage sur le compteur d'*ACK challenge*.
## Man in the Middle sur le routage
Internet est organisé en systèmes autonomes (AS pour Autonomous System)
interconnectés.
### BGP
C'est le protocole de routage utilisé entre les AS. Chaque AS publie les plages
d'adresses qu'il connait (annonces de préfixe). Un paquet BGP contient le
préfixe et l'*AS Path*: le chemin parcouru par notre paquet.
> Ainsi si je reçois un paquet BGP dans lequel j'apparais, je le détruis
Si deux paquets annoncent une même route, c'est la plus **spécifique** qui
**l'emporte**.
```
A: 192.168.0.0/16
B: 192.168.0.0/24 <- gagnant
```
#### MitM sur BGP
Maintenant, comment exploiter tout ça pour mettre en place une attaque
spéficique. Notre attaquant peut forger une annonce
![Attaque MitM sur BGP](./images/mitm_bgp.svg)
1. L'attaquant repère une route propre vers sa victime **B**;
2. Il forge une annonce BGP vers **B** avec dans l'*AS path* les AS 1, 2 et 3
repérés précédement
3. L'attaquant lance l'annonce, comme **1**, **2** et **3** sont dans l'*AS
path*, ils ignonrent l'annonce
#### MitM sur OSPF
OSPF pour -- *Open Shortest Path First* -- est un protocole de routage qui
permet de déterminer le meilleur chemin vers d'autres routeurs. Un paquet OSPF
contient deux champs qui nous intéressent:
* `advertising router`
* `link id`
Ces deux champs soivent être identique, mais **la norme est ambigue**. Les
routeurs Cisco ne le vérifiaient pas, il était donc possible de polluer les
tables de routages.
## Man in the Middle sur le DNS
DNS utilise le protocole *UDP* sur le port 53:
| IP source | IP destination | port source | port destination | request ID | Payload |
|-----------|----------------|-------------|------------------|------------|---------|
| 32 bits | 32 bits | 16 bits | 16 bits | 64 bits | ... |
Le principe de l'attaque est d'empoisonner le cache d'un résolveur.
### Attaque via le port source
Avant 2008, le port source était écrit en dur dans le logiciel et donc connu à
l'avance. Mais cet état a chagé après la découverte de cette faiblesse par
[Kaminsky](https://www.bortzmeyer.org/comment-fonctionne-la-faille-kaminsky.html).
Avant cela un attaquant avait juste 16 bits d'entropie à déjouer...
Dans une trame DNS, la partie la plus critique est composée des
**adresses et port sources** ainsi que **l'identifiant de requête**.
L'attaquant connait les adresses IP ainsi que le port de destination mais ni
le **port source** ni l'**ID de requête**. L'entropie et trop forte, impossible
de le deviner.
L'attaquant peut alors utiliser à son avantage la **fragmentation IP** en jouant
avec la [MTU](https://fr.wikipedia.org/wiki/Maximum_transmission_unit). En
découpant la trame UDP au bon endroit, il lui est possible de séparer l'entête
UDP et l'ID de requête d'un côté, et la charge utile de l'autre.
Mais en frangmentant, l'attaquant doit pouvoir manipuler l'*IPID*.