Kali 2015-08-25: Difference between revisions
From charlesreid1
No edit summary |
|||
| Line 5: | Line 5: | ||
Simulating a [[Man in the Middle]] attack over a network using [[Ettercap]] and [[ARP Poisoning]]. | Simulating a [[Man in the Middle]] attack over a network using [[Ettercap]] and [[ARP Poisoning]]. | ||
Caveman | ==Setup== | ||
===Network Configuration=== | |||
Caveman ASCII art of my network configuration: | |||
<pre> | <pre> | ||
| Line 18: | Line 22: | ||
</pre> | </pre> | ||
In this scenario, Kronos <code>10.0.0.19</code> will be attacking Mars <code>10.0.0.133</code> | ===Attacker/Sheep=== | ||
In this scenario, the attacker Kronos <code>10.0.0.19</code> will be attacking the sheep Mars <code>10.0.0.133</code> | |||
Both are running [[Kali]] Linux. | |||
===The Attack=== | |||
As described on the [[ARP Poisoning]] attack page, this attacks the lookup table that every router has that maps IP addresses to MAC addresses. If an attacker can change that talbe, they can receive all traffic intended for another party, make a connection to that party, and forward it along, tampering with the sheep's information. | |||
Revision as of 15:39, 25 August 2015
Man in the Middle with Ettercap
Since I was successful at setting up the configuration for the Evil Twin router attack, but stumbled when it came to actually implementing Man in the Middle/Evil Twin, the idea here is to back up a step, remove the (difficult) Evil Twin configuration, and keep it simple.
Simulating a Man in the Middle attack over a network using Ettercap and ARP Poisoning.
Setup
Network Configuration
Caveman ASCII art of my network configuration:
-------------------- -------------- | Router |---------| kronos | | | | 10.0.0.19 | | | -------------- | | -------------- | 10.0.0.1 |---------| mars | | | | 10.0.0.133 | -------------------- --------------
Attacker/Sheep
In this scenario, the attacker Kronos 10.0.0.19 will be attacking the sheep Mars 10.0.0.133
Both are running Kali Linux.
The Attack
As described on the ARP Poisoning attack page, this attacks the lookup table that every router has that maps IP addresses to MAC addresses. If an attacker can change that talbe, they can receive all traffic intended for another party, make a connection to that party, and forward it along, tampering with the sheep's information.