Man-in-the-middle attacks
A man-in-the-middle (MITM) attack is a kind of attack where an attacker interposes itself between two communicating parties, typically (but not necessarily) a client and a server, and relays the exchanged messages transparently, making the parties believe that they are directly talking to each other.
In our case, the MITM attack is carried out with a honeypot software AP that lures clients into connecting to it in the belief that it is the legitimate one. In this way, all the network traffic sent and received by the client passes through the fake AP, and the attacker can sniff and manipulate it, retrieving passwords and sensitive information, altering data, and hijacking sessions.
For example, the attacker can eavesdrop and sniff the traffic using network sniffers such as tcpdump, Wireshark, and Ettercap. Ettercap is not only a sniffer but also a tool for launching MITM attacks that provides a GUI and supports many network protocols. For more information about it, refer to Appendix, References...
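Seen from the defending side, a honeypot AP of the kind described above shows up in a wireless scan as an AP that advertises the legitimate network name without matching the known infrastructure. The following Python check is an added example, not code from the original text; the inventory, the scan records, and the function name find_suspect_aps are constructed for illustration.

```python
# Added example: flag access points that advertise a known SSID but do not
# match the inventory of legitimate APs. All data below is constructed.

# Assumed inventory of legitimate APs: SSID -> allowed BSSIDs and security mode.
KNOWN_APS = {
    "CorpWiFi": {
        "bssids": {"00:11:22:33:44:55", "00:11:22:33:44:56"},
        "security": "WPA2-Enterprise",
    },
}

# Constructed scan results, as they might be parsed from a wireless survey.
SAMPLE_SCAN = [
    {"ssid": "CorpWiFi", "bssid": "00:11:22:33:44:55", "security": "WPA2-Enterprise", "signal": -61},
    {"ssid": "CorpWiFi", "bssid": "02:AA:BB:CC:DD:EE", "security": "Open", "signal": -38},
    {"ssid": "CorpWiFi", "bssid": "00:11:22:33:44:56", "security": "WPA2-Personal", "signal": -70},
    {"ssid": "CoffeeShop", "bssid": "0A:0B:0C:0D:0E:0F", "security": "Open", "signal": -80},
]


def find_suspect_aps(scan, known):
    """Return (bssid, reasons) for every AP that uses a known SSID but
    deviates from the inventory entry for that SSID."""
    findings = []
    for ap in scan:
        entry = known.get(ap["ssid"])
        if entry is None:
            continue  # SSID is not in the inventory; out of scope for this check
        reasons = []
        bssid = ap["bssid"].lower()
        if bssid not in {b.lower() for b in entry["bssids"]}:
            reasons.append("unknown BSSID")
        if ap["security"] != entry["security"]:
            reasons.append("security mismatch: %s (expected %s)"
                           % (ap["security"], entry["security"]))
        if reasons:
            findings.append((bssid, reasons))
    return findings


if __name__ == "__main__":
    for bssid, reasons in find_suspect_aps(SAMPLE_SCAN, KNOWN_APS):
        print(bssid, "->", "; ".join(reasons))
```

The BSSID check alone is not sufficient, since a BSSID is not authenticated; the security-mode comparison is applied independently of it.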