10. MITM via Proxy Example, Continued

Now, select the forward button and wait to receive the response from Google. Once you receive the response in the proxy, elect to allow it to go through to the browser.

You will notice that although you originally submitted "achilles" in the Google search, you have received back a search based on "burp".

"Ok," I hear you say. "Sure, why wouldn't it change, given that you told me to change it in the proxy." And therein lies the point of the exercise.

You opened a Google page and entered "achilles". You then intercepted that page in the proxy program and altered the word "achilles" to read "burp". Google received the changed word and executed and returned data based on that search.

If someone were doing this for real, you would have no control over what happened to your browser request page after you had submitted it. And it wouldn't be an innocuous site like Google to which the information was being sent. If this were your bank page, and you elected to pay your credit card bill of $1000, and a MITM intercepted it and changed it to $1, you would be a bit miffed. It doesn't take much imagination to think of even worse possible scenarios.

So, in the future, when you see the padlock icon in the browser, don't let your feeling of security get the better of you. And if you have been prompted with any message that implies that something is wrong, pay attention to it!

Incidentally, SSL can be configured to resist MITM attacks. We'll come back to this in a future article.