MITM injection attacks?

I read a lot about MITM attacks to steal info or right now to do SSL MITM attacks, but maybe I’m ignorant cuz maybe discussed long ago, but I was thinking of MITM to inject malicious data into the stream?

Is it possible to do a MITM, detect for say an installer download or Windows Update for hotfix or update exe, then on-the-fly attach something at the end of the exe, or better still repack the whole exe into 2 exe to be dropped?

With something like Paros Proxy or even tcpdump source code, it is possible right? I’ve never tried this b4 so things like is there a TCP checksum? What about reporting filesize, will the browser be confused? I’ve seen browser download file where the filesize is unknown but it still knows when to complete the download. Damn I need to know more about TCP/IP and HTTP :(

With a proxy or even a wifi access point, it should be I think easy to intercept a webpage, then modify the content and return to browser, but file download then repack the file is I think a much trickier problem.

Something worth exploring :)

~ by benghacks on March 10, 2010.
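
The checksum and file-size questions in the post can be answered from the defender's side. As an added example (not part of the original post), this Python code implements the RFC 1071 checksum that TCP uses, decodes HTTP/1.1 chunked framing (how a download of unknown size ends), and compares the received bytes with a SHA-256 digest. The sample streams and `PINNED` are constructed; the digest is assumed to come from the publisher over a separately authenticated channel.

```python
import hashlib
import hmac

def internet_checksum(data: bytes) -> int:
    """RFC 1071 16-bit ones' complement checksum (the algorithm TCP uses; real TCP
    also covers a pseudo-header and the TCP header). It has no key, so any host
    that forwards or re-originates a segment can compute a valid one."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def dechunk(body: bytes) -> bytes:
    """Decode an HTTP/1.1 chunked body: the zero-length chunk marks the end of the
    download when no Content-Length (file size) is announced."""
    out, pos = bytearray(), 0
    while True:
        eol = body.index(b"\r\n", pos)
        size = int(body[pos:eol].split(b";")[0], 16)  # ignore chunk extensions
        if size == 0:
            return bytes(out)
        start = eol + 2
        chunk = body[start:start + size]
        if len(chunk) != size or body[start + size:start + size + 2] != b"\r\n":
            raise ValueError("truncated or malformed chunk")
        out += chunk
        pos = start + size + 2

def verify_download(payload: bytes, pinned_sha256_hex: str) -> bool:
    """Compare the received bytes with a digest obtained out of band."""
    digest = hashlib.sha256(payload).hexdigest()
    return hmac.compare_digest(digest, pinned_sha256_hex.lower())

# Constructed sample data: a stand-in "installer" and two chunked HTTP bodies.
ORIGINAL = b"MZ constructed installer"
CLEAN_STREAM = b"a\r\nMZ constru\r\ne\r\ncted installer\r\n0\r\n\r\n"
# Same body with one extra chunk added in transit; the framing is still valid.
ALTERED_STREAM = b"a\r\nMZ constru\r\ne\r\ncted installer\r\n5\r\nEXTRA\r\n0\r\n\r\n"
PINNED = hashlib.sha256(ORIGINAL).hexdigest()  # stand-in for the publisher's digest

if __name__ == "__main__":
    for name, stream in (("clean", CLEAN_STREAM), ("altered", ALTERED_STREAM)):
        body = dechunk(stream)
        print(name, len(body), "digest ok:", verify_download(body, PINNED))
```

Both streams parse without error, so neither the transport checksum nor the HTTP framing tells the client anything about who produced the bytes; only the digest comparison (or a code signature) separates the two.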
