Man in The Middle Attack in Kali Linux
Occasionally not known by the sender or the receiver Man in The Middle attack is a strategy to sniff packets between the two parties in a channel. MITM aims to target the channel’s base station and uses ARP to spoof MAC addresses as IP address in HTTP websites.
Man in the Middle attack
Eavesdropping is the technique adopted to sniff packets between source and destination. In this technique, the attacker spoofs his address by creating a fake IP address by relaying to ARP. Only the hacker knows that it is used to spy packets.
You might ask what might happen if they sniff packets? The attacker finds a lot of information from your computer. Like passwords, messages, transactions. Any website without SSL i.e, without HTTPS, is openly vulnerable for spying on your network activity. That doesn’t mean an https website is not vulnerable.
Public key infrastructures, such as Transport Layer Security(TLS), uses security against attacks in Transmission Control Protocol(TCP).
Ettercap and Evilgrade tools are used in MITM attacks.
How is MITM Carried Out?
Disclaimer: I carried out a MITM attack on my mobile on a social media site. Due to security reasons, I won’t post the screenshots. I’ll be posting some random screenshot.
We’ll go step by step.
- Open Ettercap from Kali Linux applications.
- Make sure that your target is connected to a WLAN and make sure that your device is connected to a wireless adapter.
- Open options to select ‘sniff’ and then select the type of network let’s say ‘wlan0’.
- Then you will see all the devices connected, their IP’s and MAC addresses.
- Choose your target to ARP spoof. You will see the log at the bottom, the device activity would be visible to you.
- Now if your device logs in to a website with username and password you will see the URL and the get methods in the URL.
- You can also drop some packets by intercepting with the device and while retransmitting collect all the information about the communication.
Any disadvantage? Yes! If your network is an open network without any firewalls it’s easy getting passwords. Else, you’ll get caught by the FBI!
Thank you! Please read my other post on Support Vector Machines