ARP Spoofing/Poisoning Attack

Ettercap is a comprehensive suite for man in the middle attacks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.

1. Open Terminal from the left panel. Type ettercap -G.

2. Then wait for ettercap to launch. Select Sniff > Unified Sniffing or press Ctrl + U (shortcut key). Select your interface (eth0/wlan0), then click OK.

3. Select Hosts > Scan for Hosts. Then proceed to Hosts > Host List.

4. Open a new Terminal and type ifconfig to check the router IP address.

5. Add the Network Address to Target 1, and the victim IP to Target 2.

6. Next, select Mitm > Arp poisoning. Tick Sniff remote connections and click Valider.

7. Finally, select Start > Start sniffing to intercept all the traffic.

8. Now you might be able to capture all the login credentials via the HTTP packets. Select View > Connections to show the intercepted traffic.

9. Double-click on the traffic. You might be able to view the contents that were transmitted, such as the login ID and password.

10. At the same time, open another Terminal and type driftnet -i eth0 to capture live image traffic. Please select your interface correctly.


Keys to Success
  • No network surveillance tools such as an IDS are installed.
  • The victim's PC does not use a static IP configuration.
  • There is no Port-Security configured on the router.

Countermeasures
  1. Use Static ARP Changer to ensure the integrity of the ARP table.
  2. Use an IDS/IPS to monitor the network.
  3. Configure Port-Security to prevent any unauthorized configuration. 
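
For countermeasures 1 and 2, a host-side check as an added example (not part of the original post): it parses Linux `ip neigh show` output and flags a router entry whose MAC differs from a pinned known-good value, or a single MAC answering for several IPs. The addresses, MACs and function names are constructed for illustration.

```python
"""Flag signs of ARP cache poisoning in `ip neigh show` output (Linux)."""
import re
from collections import defaultdict

# Matches lines such as: 192.0.2.1 dev eth0 lladdr 02:00:00:00:00:01 REACHABLE
NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+(?P<dev>\S+)\s+"
    r"lladdr\s+(?P<mac>[0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})\b"
)

def parse_neigh(text):
    """Return {ip: mac} for IPv4 entries that carry a link-layer address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            table[m["ip"]] = m["mac"].lower()
    return table

def find_poisoning(table, pinned):
    """pinned: {ip: known-good mac}, e.g. the router recorded on a clean network."""
    alerts = []
    # Check 1: a pinned address (the router) now resolves to a different MAC.
    for ip, good in pinned.items():
        seen = table.get(ip)
        if seen and seen != good.lower():
            alerts.append(f"MISMATCH {ip}: expected {good.lower()}, saw {seen}")
    # Check 2: one MAC is cached for more than one IP address.
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            alerts.append(f"DUPLICATE {mac} claimed by {', '.join(sorted(ips))}")
    return alerts

# Constructed sample data (documentation addresses, made-up MACs).
PINNED = {"192.0.2.1": "02:00:00:00:00:01"}
CLEAN = """\
192.0.2.1 dev eth0 lladdr 02:00:00:00:00:01 REACHABLE
192.0.2.66 dev eth0 lladdr 02:00:00:00:00:66 STALE
192.0.2.9 dev eth0 FAILED
"""
POISONED = CLEAN.replace("lladdr 02:00:00:00:00:01", "lladdr 02:00:00:00:00:66")

if __name__ == "__main__":
    for name, snap in (("clean", CLEAN), ("poisoned", POISONED)):
        print(name, find_poisoning(parse_neigh(snap), PINNED) or "ok")
```

A DUPLICATE alert alone can also come from proxy ARP or a host with several addresses, so treat the MISMATCH on the pinned router entry as the stronger signal.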

