Packet Packet Sniffing on Kali Linux

-

Hello everyone, I'm Jayneel Chokshi

This blog is releted to Performing Man-in-the-middle attack using Ettercap and analysing the packet using Wireshark


 Requirements :-

1. Kali Linux (On bridge network)

2. Ettercap (Pre-installed on Kali)

3.Wireshark (Pre-installed on Kali)


Let's begin.....

First, we have to connect kali-linux in the same network in which victim was connected.


Note :- "we have to connect kali with the same network of victim."


   Step-1 :- Start Ettercap (GUI version) on Kali-Linux as shown below.

 



 

 Step-2 :- Turn on "Sniffing at startup" option, And select your interface from below

                     option.Then Click on start as shown below.





  

Wait until the message "started unified sniffing" you get as shown below.



   Make sure that your victim is in the network, to check that we have to scan the whole

   network. (Follow the below screenshots)

 



 


Note :- "if it is doesn't showing anything then click on "scan for hosts" as shown below."




 

All connected devices of your network will be displayed as shown below.




   

   Note:- you want to know your victim's IP, to identify your victim's IP network you

      can perform OS Detection Scan through NMAP on the following IP's."

 


   I performed map scans and get my victim IP is 192.168.1.22 and the router IP

   was 192,168.1.1, Now I'm adding my victim to the Target-1 and router to the

   Target-2 to perform ARP poisoning attack.

 




   Step-3 :- After adding both the targets, Start the ARP poisoning as shown below.

 




 






   Step-4 :- After pressing OK, the attack was started.

 

   Now you can monitor all the packets between your victim and router.

 

   Step-5 :- To watch the Packets you need to open Wireshark on Kali. After

           opening Wireshark click on your network interface as shown below.

 

   (My interface is eth0, so I'm clicking on eth0).




 

 Step-6 :- You can see there are many packets shown here. we want packets of our

   victim only so we need to filter the list. to filter paste this on your Wireshark. (Use your

   victim's IP instead of this)

 ip.addr == 192.168.1.22


JAYNEEL CHOKSHI..


 

 

  Step-7 :- Now we will open facebook.com on our victim device and check the packets

                    are displayed here or not.

 


 

   Packet displays that victim is requesting for facebook.com

 


   We have Successfully Sniffed the packets and also performed the ARP Poisoning

   Attack.


Comments

Post a Comment

Popular posts from this blog

Installing And Configuring SNORT on Network Using Kali Linux

-
Image
Hello everyone, I'm Jayneel Chokshi This blog is related to  Configuring SNORT on Network Using Kali Linux What is SNORT ? --> Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users.   How it is shown in this blog ? --> Here we will configure SNORT our local Home network.           Here in this blog I will show you how you can get alerts in kali terminal if some user on your local home network(Wifi) is using Instagram, Facebook and Youtube. We will configure some set of custom rules for this three websites. SNORT itself comes with some sort of Pre-defined rules for Securing our network from Scanning and exploiting.   Requirements :- 1. Kali Linux (On bridge network) 2.Router    I have Installed Kali Linux on Virtual box. So lets Start --...
Read more