actually need to accomplish the phish. Second, which is the important detail, is
that all phishers have a login account to the target bank site, so they have an idea
of what occurs before and after a user logs in. In this trivial demonstration, we
know that Login.cgi works such that we can transparently add the URI to the end
of Login.cgi and pass it on. In the chapter covering Web exploitation, we will
demonstrate very creative attacks that can occur that are less basic but extremely
effective.
Tricks of the Trade…
Man in the Middle
Phishing itself is technically an MITM technique, since the phisher is the
attacker in the middle attempting to intercept ...