Man-in-the-middle attack

-


Man in the Middle attack in this blog I will show you the practical of (MITM attack) before we move to the practical first of all understand what the heck is man in the middle attack?

 So, in MITM the hacker places himself between the Router & Victim and all the request which was supposed to go directly through the router but it is sniffed by the hacker and now the hacker can see & modify the request and the hacker can clearly see your traffic.



     


Below are the steps of MITM in a practical Way.

STEP 1 : You should know the IP & MAC address of windows(Victim),  Kali(Hacker's Machine) & Routers.

STEP 2 : Open Ettercap in Kali Linux with this command sudo ettercap -G and scan for the live host and (here we've opened Ettercap in the GUI version)




                           

Now select the option scan for hosts to scan the hosts in your subnet.



                             

       
Now select the option host list to view the hosts that have been added. 





STEP 3 : Now you can see the host list & from that select the IP address of your router and add it to Target 2 and Windows(victim IP) to Target 1.                     

STEP 4 : Now select the globe-like icon and choose the ARP poisoning option.



STEP 5 : Open Wireshark and at the display filter add your windows(victim IP) 



STEP 6 :  Open any browser on Windows(Victim device) I've opened chrome and entered the http ://reddit.com) 




STEP 7 :  Now head back to Wireshark and we could see the DNS request. as you can see the request is captured by the Wireshark below.



From the above Practical we could see how a hacker can intercept your traffic between your router and your devices through MITM Attack.  
NOTE : This Practical is Just for Educational Purpose, Perform it in a safe environment only.









Comments

Post a Comment

Popular posts from this blog

Installing Snort & Configuring With Custom Rules

-
Image
  In this blog, I'll guide you from installation to setting up custom rules for snort. so before we move on you must've got this question what snort is? so snort is the intrusion prevention system in which we can set custom rules to get alerts for the malicious activity which is happening in our system. Here I'll be setting up snort in my kali machine! STEP :1  The first step is to head to your network section & in that Promiscuous mode change it to > allow all as you can see in the below picture. STEP 2 :  Type the command  sudo apt-get install snort   While setting up this you'll be asked an IP range so you should type that only it looks something like this 192.168.1.0/24   (your ip.0/24)   STEP 3 :   After installation, we've to change the directory where snort is installed so here is the command  cd/etc/snort after this use the ls -l command to list all the files. STEP 4 :  Here I don't want to mess up with the original f...
Read more

15 Linux command you should know as a beginner

-
Image
  New to Linux?  Don't worry I got your back here are 15 Linux basic commands which can help you to get navigate in the Linux environment although this is not the complete list of commands here are some of them which could get you started In your Linux journey.  ctrl+alt+t                        →  To open a new terminal. clear                               →  To clear screen.   ctrl +c                            →  to end the actively running process. ctrl+z                        →  to suspend/pause a process. ls -la                               →  T...
Read more

Hacking Into a Wi-Fi Network

-
Image
In this blog, I'll show you how easy it is to break into a wifi network. there are many utilities you can use to hack into a network like Fluxion,wifiphisher,   and so on. in this tutorial I'll use the aircrack-ng suite to break in. Disclaimer: Perform this in your own lab environment only do not attack someone else network without their consent. This is for educational purposes only.  Requirements: Before you move on you'll need an external Wi-Fi adapter that supports monitor mode besides we'll also need kali Linux to perform our operations.  STEP1 :   we'll kill the non-relevant process which are running in the background and which could possibly interfere with our hacking so we’ll use the command           => sudo airmon-ng check kill STEP2: Now plug in the adapter and change its mode form managed to monitor mode with this command.            => sudo airmon-ng start wlan0 STEP3: Now we’l...
Read more