use nmap to find out more info
# nmap 172.20.1.30
or
# nmap 172.20.1.1/24
used command
Arpspoof
Driftnet
setup port forwarding
Change the value in your /proc/sys/net/ipv4/ip_forward from 0 to 1 - See more at: http://www.hacking-tutorial.com/tips-and-trick/how-to-set-up-port-forwarding-in-linux-and-windows/#sthash.YQIMORR4.dpuf
Change the value in your /proc/sys/net/ipv4/ip_forward from 0 to 1 - See more at: http://www.hacking-tutorial.com/tips-and-trick/how-to-set-up-port-forwarding-in-linux-and-windows/#sthash.YQIMORR4.dpuf
Victim IP address : 192.168.8.90
Attacker network interface : eth0; with IP address : 192.168.8.93
Router IP address : 192.168.8.8
# 168.8.90 192.168.8.8
After step three and four, now all the packet sent or received by victim should be going through attacker machine.
Now we can try to use driftnet to monitor all victim image traffic. According to its website,
Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.
to run driftnet, we just run this
# driftnet -i eth0
To stop driftnet, just close the driftnet window or press CTRL + C in the terminal
For the next step we will try to capture the website information/data by using urlsnarf. To use urlsnarf, just run this code
# urlsnarf -i eth0
and urlsnarf will start capturing all website address visited by victim machine.
When victim browse a website, attacker will know the address victim visited.
After step three and four, now all the packet sent or received by victim should be going through attacker machine.
Now we can try to use driftnet to monitor all victim image traffic. According to its website,
Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.
to run driftnet, we just run this
# driftnet -i eth0
To stop driftnet, just close the driftnet window or press CTRL + C in the terminal
For the next step we will try to capture the website information/data by using urlsnarf. To use urlsnarf, just run this code
# urlsnarf -i eth0
and urlsnarf will start capturing all website address visited by victim machine.
When victim browse a website, attacker will know the address victim visited.
