Certified Ethical Hacker (CEH v11) — Question 47

An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections. When users accessed any page, the applet ran and exploited many machines.
Which one of the following tools the hacker probably used to inject HTML code?

Answer options

• A. Wireshark
• B. Ettercap
• C. Aircrack-ng
• D. Tcpdump

Correct answer: B

Explanation

Ettercap is specifically designed for network attacks and can inject code into data streams, making it the appropriate tool for the attack described. Wireshark and Tcpdump are primarily used for packet capturing and analysis, not for code injection. Aircrack-ng focuses on cracking WEP and WPA keys and does not facilitate HTML code injection.