You may use the UPB's OpenStack cloud to instantiate a Virtual Machine to be used for this lab! Read these instructions if you wanna know how!.
In the last lecture ( Lecture 05 - Authentication and Key Establishment), we studied various authentication protocols and how their behavior and security may be analyzed.
In the current lab, we test a MitM attack on a simple, but broken Diffie-Hellman based protocol.
docker pull ropubisc/auth-lab # to update image mkdir ~/auth-lab # to store your MitM solution persistenly # you may use the --debug or --mitm argument at the end of the docker command # when ran with no arguments, it runs a direct Client-Server simulation (no MitM) docker run --rm --name auth-lab -v $(pwd)/auth-lab/:/home/hacker/auth-lab -it ropubisc/auth-lab
~/auth-lab/
folder is used as persistent volume so you won't lose + sync your work inside the container!server.py
) / modify the ~/auth-lab/mitm.py
file and run it inside the container (with --mitm
argument for the real case);1337
;--debug
as first argument to the Docker image; find the logs inside /var/log/auth-lab.log
;py-diffie-hellman
and pycryptodome
using pip
);