MITM/Wired/Network Tap: Difference between revisions
From charlesreid1
No edit summary |
|||
| Line 19: | Line 19: | ||
</pre> | </pre> | ||
=Connect to Target and Router= | =Procedure= | ||
==Install Bridge Utils on Attacker== | |||
On machine doing the attacking, you will need bridge utilities to the build the network bridge. Install this before you do any of the rest of these steps. | |||
<pre> | |||
kronos $ apt-get install bridge-utils | |||
</pre> | |||
==Connect to Target and Router== | |||
First step is to replicate the connection described above, either with wireless or wired connections. | First step is to replicate the connection described above, either with wireless or wired connections. | ||
| Line 38: | Line 48: | ||
which is connected to a wireless network and to the internet. This is the connection the sheep will share. | which is connected to a wireless network and to the internet. This is the connection the sheep will share. | ||
==Open IP Addresses== | |||
Configure both devices as open. | |||
<pre> | |||
kronos $ ifconfig eth0 0.0.0.0 | |||
kronos $ ifconfig wlan5 0.0.0.0 | |||
</pre> | |||
Revision as of 17:01, 25 August 2015
Setup
For a wired network tap, we need an attacking device with two network interfaces - one to connect to the sheep, one to connect to the network device.
A physical network tap can be as simple as a crossover cable connecting to the target computer. This is easier if the attacking computer is a router running OpenWRT or a Raspberry Pi or some other low form factor computer.
The Network Arrangement
The network will be arranged as follows:
[ Router ]-----[ Kronos (Attacker) ]------[ Mars (Sheep) ]
Usually the attacker has two ethernet ports, but in this case I'll be using one ethernet port and one wireless card:
[ Router ] ~ ~ ~ ~ [ Kronos (Attacker) ]---------[ Mars (Sheep) ]
Procedure
Install Bridge Utils on Attacker
On machine doing the attacking, you will need bridge utilities to the build the network bridge. Install this before you do any of the rest of these steps.
kronos $ apt-get install bridge-utils
Connect to Target and Router
First step is to replicate the connection described above, either with wireless or wired connections.
Having a wired connection between the attacker and the sheep greatly simplifies the attack.
The attacking machine has an ethernet device connected to a crossover cable connected to the sheep:
kronos $ ifconfig eth0
It also has a wireless card,
kronos $ ifconfig wlan5
which is connected to a wireless network and to the internet. This is the connection the sheep will share.
Open IP Addresses
Configure both devices as open.
kronos $ ifconfig eth0 0.0.0.0 kronos $ ifconfig wlan5 0.0.0.0
 |
monkey in the middle attacks in which an attacker tricks two parties into thinking they're communicating with each other, but both are communicating with the attacker.
Wireless Attacks: MITM/Wireless Wired Attacks: MITM/Wired
Layer 1 and 2 MITM Attacks: Network Tap: MITM/Wired/Network Tap Evil Twin Attack: Evil Twin · MITM/Evil Twin
Layer 3 and 4 MITM Attacks:
ARP Poisoning: MITM/ARP Poisoning Traffic Injection/Modification: MITM/Traffic Injection DNS Attacks: MITM/DNS · Bettercap/Failed DNS Spoofing Attack · Bettercap/Failed DNS Spoofing Attack 2 DHCP Attacks: MITM/DHCP WPAD MITM Attack: MITM/WPAD Port Stealing: MITM/Port Stealing Rushing Attack: MITM/Rushing Attack Attacking HTTPS: MITM/HTTPS
Session Hijacking: MITM/Session Hijacking
Toolz:
SSLSniff · SSLStrip · Frankencert
MITM Labs: {{MITMLabs}}
Category:MITM · Category:Attacks · Category:Kali Attack Layers Template:MITMLabs · Template:MITMFlag Flags · Template:MITMFlag · e |