Structure Diagram

For understanding a better way let’s see below diagram:

There are mainly 4 steps in this type of attack:

1. Victim requests to the server in HTTPS but by arpspoof attacker spoofed network and the request HTTPS pass through the attacker machine.
2.  After hijacking the HTTPS Request attackers use the same HTTPS Request to the server because many modern servers respond only in  HTTPS  mode.
3.  When the server responds in HTTPS encrypted format attacker changes it from HTTPS  to HTTP, which is a secure connection.
4.  For the victim, the request attacker responds in the form of HTTP and works as a man-in-the-middle.

These types of attacks can be done in public networks. A malicious user can also make their personal Wi-Fi network and when anyone gets connected to the network they perform credential theft attacks on bank accounts or any other malicious activity.

SSL(Secure Sockets Layer) Stripping is basically one type of action that can be performed by Cyber attackers or any intruders in a specific area of the network and it changes  HTTPS(Hyper Text Transfer Protocol Secure ) Connection to HTTP (Hyper Text Transfer Protocol) Connection. ARP (Address Resolution Protocol) Spoofing helps to establish SSL Stripping Attack against any victim which is connected to the same area of the attacker’s network such as the same Public Wi-Fi.