How does the airdrop mitm attack in the given photo take place step by step?

Transcribed Image Text:

Sender "Jane" Attacker Receiver "Jehn" (1) DISCOVERY (as in Figure 2) (2) AUTHENTICATION HTTPS POST Discover DoS. Attacker disrupts all overheard connections by mounting a TCP reset attack thereby preventing Jane from discovering John. TCP RST TCP RST HTTPS POST Discover Only while John is not discoverable by everyone, the attacker periodically tries to authenticate to John. HTTPS OK 200 withour device name Cantaris Cry HTTPS POST Discover When John already is or becomes discoverable by everyone, the attacker successfully authenticates to John. HTTPS OK 200 uth device name "John k iPhone™ Everyone Attacker advertises AirDrop service as in (1) The attacker immdiately starts advertising a service using "John" as its computer name. Jane authenticates and displays the attacker s identity "John" in the sharing pane. HTTPS POST /Discover ADrop " w shepoto HTTPS OK 200 with device name "John (3) DATA TRANSFER HTTPS POST/IAsk with device name "Jane's iPhone" HTTPS POST IAsk with device namle "Jane" Jane selects "John" as the receiver. Decine Acset Attacker forwards request with original thumbnail and device name "Jane ": forwards response as is. HTTPS OK 200 HTTPS OK 200 HTTPS POST Upload HTTPS POST Upload o0 Attacker receives original file and forwards a modified copy to John HTTPS OK 200 HTTPS OK 200 Figure 13: Protocol flow and user interaction of our MitM attack on AirDrop.