Certified Ethical Hacker (CEH v10) — Question 58

An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections.
When users accessed any page, the applet ran and exploited many machines.
Which one of the following tools the hacker probably used to inject HTML code?

Answer options

• A. Wireshark
• B. Ettercap
• C. Aircrack-ng
• D. Tcpdump

Correct answer: B

Explanation

Ettercap is specifically designed for network packet manipulation and can easily inject code into network traffic, making it the correct choice. Wireshark is primarily a packet analyzer and does not perform code injection, while Aircrack-ng focuses on cracking WEP/WPA keys and Tcpdump is a command-line packet capture tool without injection capabilities.