Lab Scenario/Overview

This lab covers the use of Ettercap to carry out a Man in the Middle attack on a wifi network. This also covers the case of SSL encryption and how it may be defeated using other tools like SSLStrip.

Make sure you check out the Ettercap page for notes before you start. That's where a lot of the detail has been worked out. This is a CNP (copy-and-paste) project.

Setting Up

Let's walk through the setup required for this type of attack. This does not require any kind of tricky setup. It's a fast and easy attack to carry out, and an attack that virtually all networking equipment is susceptible to.

Wifi Network

This lab will utilize a standard home wifi router, which incorporates an ethernet switch and a wireless router all on board a single device and on a single LAN. The router is the gateway, 192.168.0.1, and both the sheep and the attacker are laptops connected to the router via wifi.

Sheep

The sheep is a normal laptop connected to the wifi. Given the failures with HTTP traffic with Dsniff, this lab will aim low and focus on intercepting HTTP and HTTPS traffic only. We'll work on SSH, email, and sql some other time. The sheep is at 192.168.0.7.

Attacker

The attacker is the same model of laptop, same operating system, connected to the wifi. The attacker is at 192.168.0.8.

Execution

Once the components are in place, we proceed with the execution of the attack. Of course, we start the execution with passive listening and information gathering.

Plan

Step 1: Recon/Info Gathering

Step 2: Prepare for ARP Poisoning

Gather required info

Change MAC

Step 3: ARP Poisoning

Step 4: Dsniff? Other?

Step 5: Sheep Booty

Flags