Infecting files during a MITM attack is a common way of malware infection vector. There already exists several tools to do this – free tools, commercial tools, and even leaked tools. Several drawbacks exist though like not ‘real’ on-the-fly infection, only PE files infection etc.
In this session, I will present some techniques to avoid these drawbacks. The talk will not only be PE centric, but I will also talk about OTF infection of other file types. The topics covered are state of art, reverse engineer file types, ways to infect and protocol abusing. I will also use an open source tool I developed for these tasks.