MITM Attack using Ettercap and Packet Analyzing using Wireshark
A man-in-the-middle (MITM) attack is an attack in computer networks where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other. It is a form of active eavesdropping: the attacker can alter the messages in the communication and inject new ones, i.e. the entire conversation can be controlled by the attacker.
Ettercap is probably the most widely used MITM attack tool. Ettercap enables us to place ourselves in the middle between two machines. It is basically a suite of tools to simplify MITM attacks. It can be used either from the command line (CLI) or the graphical user interface (GUI). Ettercap comes built into Kali Linux, and its GUI is what has been used for the MITM attack here.
Step 1: Start Ettercap by typing the following command in a terminal:
kali > ettercap -G
The Ettercap GUI will start as shown below.
Then select the primary interface as shown below and click Start.
Wait until it shows the message "Starting Unified Sniffing", as shown below:
Make sure your target is on your network; to check, scan for hosts:
Now you will get your hosts list as below:
Now add the victim's IP address to Target 1 and your IP address to Target 2.
Then go for ARP Poisoning:
A dialog will appear as shown below; select Sniff Remote Connections:
After clicking OK you can monitor packets between the victim and the router:
Step 2: Start Wireshark to analyse the packets.
For testing, I have searched for an HTTP site on the victim's device.
THAT'S ALL! WE HAVE SUCCESSFULLY PERFORMED A MITM ATTACK.
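From the defender's side, the ARP poisoning in Step 1 is visible in the same Wireshark capture: an IP address (typically the router's) suddenly maps to a different MAC address, and one MAC address starts answering for several IPs. The following is an added example, not part of the original post, that flags both patterns in ARP fields exported from a capture; the column layout, the function name, the file name and all addresses are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample rows (all addresses made up), in the tab-separated layout of
#   tshark -r capture.pcap -Y arp -T fields -e frame.time_relative -e eth.src \
#          -e arp.opcode -e arp.src.hw_mac -e arp.src.proto_ipv4
# where capture.pcap is a placeholder file name.
SAMPLE = (
    "1.00\t00:11:22:33:44:01\t2\t00:11:22:33:44:01\t192.168.1.1\n"    # router
    "1.50\t00:11:22:33:44:10\t1\t00:11:22:33:44:10\t192.168.1.10\n"   # victim
    "2.00\taa:bb:cc:dd:ee:ff\t1\taa:bb:cc:dd:ee:ff\t192.168.1.66\n"   # third host
    "9.00\taa:bb:cc:dd:ee:ff\t2\taa:bb:cc:dd:ee:ff\t192.168.1.1\n"    # claims router IP
    "9.01\taa:bb:cc:dd:ee:ff\t2\taa:bb:cc:dd:ee:ff\t192.168.1.10\n"   # claims victim IP
    "10.00\taa:bb:cc:dd:ee:ff\t2\taa:bb:cc:dd:ee:ff\t192.168.1.1\n"   # repeat, no new alert
)

def find_arp_anomalies(lines):
    """Return (time, kind, ip, mac) alerts for suspicious ARP sender bindings."""
    ip_to_mac = {}                    # last MAC seen announcing each IP
    mac_to_ips = defaultdict(set)     # every IP each MAC has announced
    alerts = []
    for line in lines:
        fields = line.strip().split("\t")
        if len(fields) != 5:
            continue                  # skip blank or malformed rows
        ts, eth_src, _opcode, arp_mac, ip = fields
        eth_src, arp_mac = eth_src.lower(), arp_mac.lower()
        # The Ethernet source should match the sender MAC inside the ARP payload.
        if eth_src != arp_mac:
            alerts.append((ts, "sender-mismatch", ip, arp_mac))
        # An IP that moves to another MAC is the core sign of cache poisoning.
        previous = ip_to_mac.get(ip)
        if previous is not None and previous != arp_mac:
            alerts.append((ts, "binding-changed", ip, arp_mac))
        ip_to_mac[ip] = arp_mac
        # One MAC announcing several IPs: the host sitting in the middle.
        if ip not in mac_to_ips[arp_mac]:
            mac_to_ips[arp_mac].add(ip)
            if len(mac_to_ips[arp_mac]) > 1:
                alerts.append((ts, "mac-claims-multiple-ips", ip, arp_mac))
    return alerts

if __name__ == "__main__":
    for alert in find_arp_anomalies(SAMPLE.splitlines()):
        print(*alert, sep="  ")
```

DHCP re-leases and multi-homed hosts can trigger the same alerts, so treat a hit on the router's IP as the high-confidence signal and the rest as leads to check.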
Nice 👍
Superb