Perform A Man In The Middle Attack With Kali Linux & Ettercap

It’s one of the simplest but also most essential steps to “Conquering” a network. Once a hacker has performed a “Man In The Middle” attack (MITM) on a local network, he is able to perform a number of other “Side-kick” attacks. This includes: cutting a victim’s internet connection; intercepting Emails, logins, chat messages, and many others.

And only one tool is needed for this attack:

  • An install or Live boot of Kali Linux, a well-known OS containing a collection of hundreds of penetration testing tools.

If you have that, then proceed to the tutorial below, and we’ll demonstrate how to perform this attack.

Important Notice:
This tutorial is intended to be used for penetration testing, i.e. the act of hacking to become more secure. It is not at all meant for malicious purposes. Performing any type of fraudulent activity on someone else’s network without permission is considered a crime in most countries. Lewis’s Computer Howto’s is using their own test network in this demonstration.

By reading and/or using the information below, you are agreeing to our Disclaimer.

 

Step One:

Start Kali Linux and log in, preferably as the root user. When you’ve logged in, open a Terminal and enter this command:

    echo 1 > /proc/sys/net/ipv4/ip_forward

This enables IP forwarding, which is mandatory in order for the victim device to maintain its connection while we are ARP poisoning it. This command is not permanent; you’ll have to enter it every time that you restart Kali and wish to perform another MITM attack.

Step Two:

For whatever reason, ettercap doesn’t come ready to work from the factory. We need to make some small edits before it will work.
Open a Terminal and type: leafpad /etc/ettercap/etter.conf

Step Three:

Look through the text file that just opened. On one of the first lines, under the [privs] section, look for the words highlighted below:

[Image: Step 2]

You need to change the “ec_uid” and “ec_gid” values to zero. They should look like this when done:

[Image: Step 2.1]

Remove the number 65534 and replace it with 0 (zero). You can leave the “# nobody is default” line.

Step Four:

This next one will be tricky to locate, so we’re going to use the “Find” option. Click on Search in the toolbar at the top of leafpad and click Find, or hit Ctrl+F.

Type the word iptables in the box that appears and click the Find button or press Enter.

It should skip to a line that looks like this:

[Image: Step 3.1]

We need to “uncomment” the two bottom lines. To do this, remove the “#” symbol in front of each of the two “redir_command” lines, so that they look like this:

[Image: Step 3.2]

Now close leafpad and click Yes when it asks you to save changes.

Step Five:

Now start Ettercap-gtk: open a Terminal and type ettercap -G

Wait until Ettercap opens. When it does, click Sniff in the toolbar and select Unified Sniffing… from the menu.

Step Six:

Select the interface that’s connected to the network.

If you’re using a wired (Ethernet) connection, then the interface will probably be eth0, but if you’re using wireless (WLAN), then it will be a different one. To find which one of your interfaces is connected, run ifconfig.

Step Seven:

Now Ettercap should load into attack mode. Click on Hosts and select Scan for hosts from the menu.

Step Eight:

Ettercap will briefly scan for hosts on the network. After a moment, you should see the words “hosts added to the host list…” in the command box.

Click on Hosts again, and this time select Hosts list from the menu.

Step Nine:

Click the IP address of the router and click the Add to Target 1 button.

Then select the IP of your test victim’s machine and click Add to Target 2.

Step Ten:

Now click Mitm on the toolbar and select Arp poisoning…

When the question box shows up, check the box next to Sniff remote connections and hit OK.

Step Eleven:

Ettercap will now ARP poison the victim and router. It might take a few minutes for the ARP process to work out, but once it does, your victim PC should still be able to connect to the internet without knowing that you’re virtually in between it and the router. If your victim can’t connect, make sure that you entered the “IP forward” command in Step One before starting Ettercap. It might be a good idea to test this attack on one of your devices first, just to make sure that everything is going as planned.

You’ve successfully executed an MITM attack!

You can now use tools such as URLsnarf and SSLstrip to sniff out information about your victim’s internet traffic. You can also use etterfilters to cut your victim’s internet completely. Tutorials on how to use these tools will be coming soon.

To stop the MITM attack, click on MITM and select Stop mitm attack(s) from the menu.

Ettercap will then send the ARP correction packet, and the network will return to normal. You can then close Ettercap.

 

Ways to protect yourself against one of these attacks.

There are a couple of methods:

  • ARP detection software

This method is pretty useless. There are very few ARP detection programs out there, and the few that do exist are either free junk or overpriced. In addition, using these programs on a Windows machine requires installing special drivers for your wireless cards. Recommendation: Don’t use.

  • Static ARP entries

This method works the best for the standard individual. You just type in a simple command and your computer becomes “Unarpable.” This is how it works:

When an attacker performs an ARP MITM attack, his computer sends an ARP packet to the victim’s machine telling it that his MAC address is the router’s. The victim’s machine is fooled and starts sending its data to the attacker.

When you enter a static ARP entry, you’re telling your computer that the router’s MAC address is permanent and will not be changed. Therefore, your computer ignores any phony ARP packets sent by the attacker.

We will be making a tutorial on how to do this soon. In the meantime, you can use Google to find answers.
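
The symptom described above, the router’s IP suddenly resolving to another machine’s MAC address, can be checked from a terminal. The following is an added example, not part of the original tutorial: the function name check_arp and all addresses are constructed, and the known-good MAC is assumed to have been recorded while the network was clean.

```shell
#!/bin/sh
# check_arp GATEWAY_IP KNOWN_GOOD_MAC   (hypothetical helper, added example)
# Reads neighbour-table lines in `ip neigh show` format on stdin and prints
# one finding per line. Returns 0 if the table looks clean, 1 otherwise.
check_arp() {
    awk -v gw="$1" -v good="$2" '
    BEGIN { good = tolower(good) }
    {
        mac = ""
        for (i = 1; i < NF; i++)
            if ($i == "lladdr") mac = tolower($(i + 1))
        if (mac == "") next          # FAILED/INCOMPLETE entries have no MAC
        ip = $1
        # The router now answers from a MAC other than the recorded one.
        if (ip == gw && mac != good) {
            print "GATEWAY_MAC_CHANGED", ip, mac; bad = 1
        }
        # Two IPs behind one MAC: what a poisoned table looks like, although
        # a multi-homed host can legitimately cause it too.
        if ((mac in owner) && owner[mac] != ip) {
            print "DUPLICATE_MAC", mac, owner[mac], ip; bad = 1
        } else {
            owner[mac] = ip
        }
    }
    END { exit bad + 0 }'
}

# Constructed sample tables (not captured from a real network).
CLEAN='192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.20 dev eth0 lladdr 66:77:88:99:aa:bb STALE
192.168.1.30 dev eth0  FAILED'
POISONED='192.168.1.1 dev eth0 lladdr 66:77:88:99:aa:bb REACHABLE
192.168.1.20 dev eth0 lladdr 66:77:88:99:aa:bb STALE'

printf '%s\n' "$CLEAN" | check_arp 192.168.1.1 00:11:22:33:44:55 \
    && echo "clean table: OK"
printf '%s\n' "$POISONED" | check_arp 192.168.1.1 00:11:22:33:44:55 \
    || echo "poisoned table: findings above"

# Live use:  ip neigh show | check_arp 192.168.1.1 00:11:22:33:44:55
# Static entry on Linux (run as root, with your own router IP, MAC, interface):
#   ip neigh replace 192.168.1.1 lladdr 00:11:22:33:44:55 nud permanent dev eth0
```

A static entry set this way is lost on reboot, so it has to be reapplied at startup.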

 

We Hope You Enjoyed This Tutorial
