MITM Labs/Bettercap Over Wifi
From charlesreid1
Lab Scenario/Overview
This lab covers the use of Ettercap to carry out a Man in the Middle attack on a wifi network. This also covers the case of SSL encryption and how it may be defeated using other tools like SSLStrip.
Make sure you check out the Ettercap page for notes before you start. That's where a lot of the detail has been worked out. This is a CNP (copy-and-paste) project.
Setting Up
Let's walk through the setup required for this type of attack. This does not require any kind of tricky setup. It's a fast and easy attack to carry out, and an attack that virtually all networking equipment is susceptible to.
Wifi Network
This lab will utilize a standard home wifi router, which incorporates an ethernet switch and a wireless router all on board a single device and on a single LAN. The router is the gateway, 192.168.0.1, and both the sheep and the attacker are laptops connected to the router via wifi.
Sheep
The sheep is a normal laptop connected to the wifi. Given the failures with HTTP traffic with Dsniff, this lab will aim low and focus on intercepting HTTP and HTTPS traffic only. We'll work on SSH, email, and sql some other time. The sheep is at 192.168.0.7.
Attacker
The attacker is the same model of laptop, same operating system, connected to the wifi. The attacker is at 192.168.0.8.
Execution
Once the components are in place, we proceed with the execution of the attack. Of course, we start the execution with passive listening and information gathering.