Metasploit.com Attempted Hijack

Filed under Hacking

This past Monday, some silly hacker got the idea that he could easily redirect traffic from Metasploit.com to some Chinese forum using some ARP poisoning directed at the router that the metasploit.com domain resides. Basically he did a MITM attack. Here is an excerpt from HD Moore’s reply on the Full Disclosure mailing list:

“Problem solved. Someone is ARP poisoning the IP address of the router on which the www.metasploit.com server resides.
I hardcoded an ARP entry for the real router and that seems to solve the MITM issue. It doesn’t help the other 250 servers
on that network, but thats an issue for the ISP to resolve…”

Sucks to be those other 250 servers! This hacker should have brought his a-game if he really wanted take on HD Moore…FAIL!

One Comment

  1. z00 says:

    funny season of to begin 😀

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*