We intercept login and password using Wireshark + ettercap
Hackers Academy last edited by
Ettercap is an application for analyzing network traffic passing through a computer interface, but with additional functionality. The utility allows you to perform attacks such as "man in the middle" to force another computer to transfer packets not to the router, but to you.
Wireshark is a fairly well-known tool for capturing and analyzing network traffic, in fact the standard for both education and Troubleshoot. Wireshark works with the vast majority of known protocols, has a clear and logical graphical interface based on GTK + and a powerful filter system.
The “Man In The Middle” attack is a type of attack when an attacker intercepts and spoofs messages exchanged between correspondents, and none of the latter guesses about his presence in the channel.
First you need to connect to a wireless network. Then run the ettercap application. It has a UI interface.
We need to determine which ip devices are connected to the same network as us. To do this, go to the section Sniff -> unified sniffing
In this section, you need to select the type of network that we want to track. In our case, it is a wireless network.
After that, additional options will be displayed. Next, select the Hosts -> Scan for hosts section. After the scan is completed, you need to go to the list section of all the hosts that we found in the scanning phase, for this we enter the section Hosts -> Hosts list.
In this option we select:
- ip addresses we want to track
- add monitoring for them using the Add to Target 1 and Add to Target 2 buttons
Then we go to the Mitm -> ARP poisoning section and check the sniff remote connections function, and in the end we press the start of tracking through the Start button.
Next, run the Wireshark program.