Kali 2015-08-25: Difference between revisions

From charlesreid1
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
=Man in the Middle with Ettercap=
=MITM=


Since I was successful at setting up the configuration for the [[Evil Twin]] router attack, but stumbled when it came to actually implementing [[Man in the Middle/Evil Twin]], the idea here is to back up a step, remove the (difficult) Evil Twin configuration, and keep it simple.
Some cleanup on the [[Man in the Middle]] page.


Simulating a [[Man in the Middle]] attack over a network using [[Ettercap]] and [[ARP Poisoning]].
Wired: Network tap, then ARP poisoning.


==Setup==
Wireless: Network tap (evil twin), then ARP poisoning.


===Network Configuration===
Since I was successful at setting up the configuration for the [[Evil Twin]] router attack, but stumbled when it came to actually implementing the man in the middle attack,the idea here is to back up a step, remove the tricky Evil Twin configuration, and keep it simple.


Caveman ASCII art of my network configuration:
Notes on setting up a wired network tap here:


<pre>
[[Man in the Middle/Wired/Network Tap]]
--------------------        --------------
|    Router      |---------|  kronos    |
|                  |        | 10.0.0.19  |
|                  |        --------------
|                  |        --------------
|    10.0.0.1    |---------|  mars    |
|                  |        | 10.0.0.133 |
--------------------        --------------
</pre>


===Attacker/Sheep===


In this scenario, the attacker Kronos <code>10.0.0.19</code> will be attacking the sheep Mars <code>10.0.0.133</code>
{{MITMFlag}}


Both are running [[Kali]] Linux.


===The Attack===
As described on the [[ARP Poisoning]] attack page, this attacks the lookup table that every router has that maps IP addresses to MAC addresses. If an attacker can modify entries in that table, they can receive all traffic intended for another party, make a connection to that party, and forward it along, tampering with the sheep's information.
[[Category:Man in the Middle]]
[[Category:Kali]]
[[Category:Wireless]]
[[Category:Log]]
[[Category:Log]]
[[Category:Security]]

Latest revision as of 16:31, 25 August 2015

MITM

Some cleanup on the Man in the Middle page.

Wired: Network tap, then ARP poisoning.

Wireless: Network tap (evil twin), then ARP poisoning.

Since I was successful at setting up the configuration for the Evil Twin router attack, but stumbled when it came to actually implementing the man in the middle attack,the idea here is to back up a step, remove the tricky Evil Twin configuration, and keep it simple.

Notes on setting up a wired network tap here:

Man in the Middle/Wired/Network Tap



Defcon.png
monkey in the middle attacks
in which an attacker tricks two parties into thinking they're communicating with each other, but both are communicating with the attacker.

MITM

Wireless Attacks: MITM/Wireless

Wired Attacks: MITM/Wired


Layer 1 and 2 MITM Attacks:

MITM/Layer 1 and 2

Network Tap: MITM/Wired/Network Tap

Evil Twin Attack: Evil Twin  · MITM/Evil Twin


Layer 3 and 4 MITM Attacks:

MITM/Layer 3 and 4

Traffic Sniffing: MITM/Sniffing

ARP Poisoning: MITM/ARP Poisoning

Traffic Injection/Modification: MITM/Traffic Injection

DNS Attacks: MITM/DNS  · Bettercap/Failed DNS Spoofing Attack  · Bettercap/Failed DNS Spoofing Attack 2

DHCP Attacks: MITM/DHCP

WPAD MITM Attack: MITM/WPAD

Port Stealing: MITM/Port Stealing

Rushing Attack: MITM/Rushing Attack

Attacking HTTPS: MITM/HTTPS


Layer 5 MITM Attacks:

Session Hijacking: MITM/Session Hijacking


Toolz:

Ettercap  · Bettercap  · MITMf  · EvilFOCA

Wireshark  · Aircrack

Dsniff  · Arpspoof  · Dnsspoof

SSLSniff  · SSLStrip  · Frankencert

Driftnet  · Karma


MITM Labs: {{MITMLabs}}


Category:MITM  · Category:Attacks  · Category:Kali Attack Layers

Template:MITMLabs  · Template:MITMFlag

Flags  · Template:MITMFlag  · e




Retrieved from "https://charlesreid1.com/w/index.php?title=Kali_2015-08-25&oldid=8281"