Man in the middle attack with Kali Linux 2.0
- Kali Linux
- Driftnet(Pre-installed in kali)
- Ettercap(Pre-installed in kali)
In a man in the middle attack(MITM) hacker tries to intercept information/data/communication between 2 users. MITM attacks can be performed with both network interfaces ethernet and wireless.
In this article we will be capturing all the image data that is travelling across our target network. Remember you should be connected to the same network as the victim.
Whatever images our victims will browse we will see them in real time.We will be using driftnet and ettercap to perform this attack.
Connect To your target network.
First thing we need to do is configure etter.conf file. So open your terminal and type the following command. Set ec_uid and ec_gid values to 0.
root@seven:~# leafpad /etc/ettercap/etter.conf
Now scroll down and find the below lines.You need to remove the pound sign from both lines.It will enable us to use iptables.just comment out lines.Now save and close the file.
Now it's time to launch ettercap.
root@seven:~# ettercap -G
Once ettercap GUI is launched.Go to the options and select promisc mode
Now go to the sniff and select unified sniff.
Now this point is important.You need to select interface i am connected to internet with ethernet so i am selecting eth0.If you are connected to internet with wifi then you must select wlan0 interface from dropdown. Make your selection and click ok.
Go to the hosts and select scan for hosts options.It will find all the devices connected to your network.
Go to the hosts again and select hosts list.You will see all the devices connected to your network.If you are not satisfied then scan again for hosts.
Go to the start menu and select start sniffing.
Now go to the MITM and and select arp poisoning.
Now you will be presented with the below prompt select sniff remote connections
Open another terminal we need to start driftnet.
Use the same interface that you used during configuring ettercap.
root@seven:~# driftnet -i eth0
Now everything is set .When you execute the above command a drifnet window will open up.Now whatever images our victims browse you will see inside drifnet window.