Overview

Kevin Mitnick was probably one of the most famous hackers in the history. In 1994, he successfully launched an attack on Shimomura's computer, by exploiting the vulnerabilities in the TCP protocol and the trusted relationship between two of Shimomura's computers. The attack triggered a dramatic showdown between the two people, and it eventually led to the arrest of Kevin Mitnick. The showdown was turned into books and Hollywood movies later. The attack is now known as the Mitnick attack, which is a special type of TCP session hijacking attack.

The objective of this lab is to recreate the classic Mitnick attack, so students can gain the first-hand experience on such an attack. We will emulate the settings that was originally on Shimomura's computers, and then launch the Mitnick attack to create a forged TCP session between two of Shimomura's computers. If the attack is successful, we should be able to run any command on Shimomura's computer.

Tasks (English) (Spanish)

• VM version: This lab has been tested on our SEED Ubuntu-20.04 VM
• Lab setup files: DO NOT unzip the file in a shared folder, as that would cause problems. Copy the zip file to another folder inside the VM, and then use the unzip command to unpack.
  • Labsetup.zip
  • Labsetup-arm.zip (for Apple Silicon machines)
• Manual:: Docker manual

Time (Suggested)

• Supervised (closely-guided lab session): 2 hours
• Unsupervised (take-home project): 1 week

SEED Videos

• Udemy: Internet Security: A Hands-on Approach (§ 6)
• Identical videos are available on NetEase (for Mainland China)

SEED Books (English) (Chinese)

• Computer & Internet Security: A Hands-on Approach, 3rd edition (§ 20)
• Internet Security: A Hands-on Approach, 3rd edition (§ 6)

Feedback and Help