Hello Learner how are you?hope you’re fine.In my previous post i explain about how to create a payload- backdoor using fatRat tool.Now today’s we will learn the all ABC of man in the middle attack or we can say in short MITM attack.Here i m going to use a very popular tool called ettercap to perform this mitm attack.And our operating system will be obvious kali linux dear.
I think you are not a newbie in ethical hacking field because Man in the middle attack is not for newbie,you’re the great learner that’s why you’are reading this post.If you want some more advance topic read my this post what is idn homograph attack an how hacker use it for hacking.
Note: This post is only for educational purpose.I did’t harm anyone, I used my own device during explain of this method so please don’t use this method any kind of illegal or malicious activities because hacking is crime if you do this then it’s can land you in jail.I’m not support any kind of illegal or malicious hacking.
Attacker machine = kali linux
victim machine = windows 10 (In my case you can use any os for checking how mitm attack work)2. Ettercap tool
3. basic knowledge of how to execute command in kali linux terminal
4. High speed internet connection
Step By Step Process To Perform MITM Attack
Step:1) Very first open your kali linux machine,and you need to search ettercap tool by going to search bar,her you’ll see 2 ettercap one is command line and another is GUI.
So before using this ettercap tool we’ll need to configure it so follow below some point for configuring it.
a) Open terminal window of kali linux machine
b) Give this command leafpad /etc/ettercap/etter.conf ,after executing this command you’ll see a file called ettercap.conf open in leafpad text editor.
Note:There is one space between leafpad and /etc/ettercap/etter.conf
c) Now a ettercap.conf file will open ,simply scroll down and try to find linux section,now in linux section you will see there are 2 iptables below this sentence if you use iptables.
Simply remove the # sign from the both of iptables which is in the starting point.And after that save this file by going to file then save option.
Step:2) After configuring ettercap tool you need to open kali Linux terminal again and now you need to start the Apache server.I think you know about Apache server if you don’t know then try to know about it here i am not discussing upon it,simply for hosting any file from your system to globally you’ll need to use a server.
Apache server comes inbuilt in Kali Linux.So simply for starting Apache server execute this command service apache2 start
Note: There is one space between service and apache2 and also one space between apache2 and start in above given command.
Step:3) For testing this MITM attack i make a small website and save that site in the apache server.If you don’t know how to host any file from your computer to any other computer anywhere in the world.
Ask me via email i’ll surely help but understand me that this is not the part of my blog post.I hope you understanding.Actually it is very easy to make your computer your own server try google uncle for this otherwise soon I’ll post an article on it.
Step:4) Now friend you”ll need a static ip ,you can check your ip by executing this command in terminal of kali machine ifconfig .And you’ll get your ip ,suppose your ip is 192.168.1.102 (Remember it)
Step:5) After that again go to terminal window and enter this command leafpad /etc/ettercap/etter.dns ,after entering this command a file will open called etter.dns
Note:There is one space between leafpad and /etc/ettercap/etter.dns
Step:6) Now scroll down the file (etter.dns) and try to find out This line redirect it to www.linux.org, Now here you need to set your target.So suppose you are going to hack facebook.com using mitm attack simply make an entry of facebook.com and associate your ip address with facebook.
redirect it to www.linux.org
Facebook.com A 192.168.1.102
*.facebook.com A 192.168.1.102
Step:7) And now save the etter.dns file.
Step:8) Now the time come to do dns spoofing attack on victim’s machine (windows machine in my case).Now again open terminal of kali linux and execute this command ettercap -G
Note:There is one space between ettercap and -G
Step:9) Now ettercap tool will open ,Simply click on sniff option given upper side of the ettercap tool and then click on unified sniffing.
Step:10) After that a popup will come asking for selecting your network interface,In my case my network interface is Ethernet (eth0) .Select your own network interface and click okay.
Step:11) Now you need to stop unified sniffing by going to start option and then click on stop sniffing option
Step:12) After stopping the sniffing you’ll need to select your targeted system which are connected with your LAN connection so simply click on Target option listed upper side of the ettercap tool and then click on hosts and then scan for hosts.Now you’ll see the list of connected system with your’s system.
Step:13) Now again go to hosts list,here you will need to select the gateway ip (just select only) and click on add to target 2.Basically gateway ip listed in the above of all ip and it look like 255.0.1.4.
Step:14) And again select your victim machine ip (just select only) and click on the add to target 1.
Step:15) So in this way you successfully add gateway ip in target 2 location and victim machin’s ip in target 1 location.
Step:16) Now click on MITM option which is listed in the upper side of ettercap tool and then click on ARP Poisoning.Now a popup come where you need to select the sniff remote connection and then click on okay.
Step:17) Now go to plugin option which is situated on the upper side of the ettercap tool then click on manage plugins and then activate the dns spoofing plugin by tapping on it double
Step:18) Ohh god.. now the full set up has completed.Now our attacker machine is ready for doing MITM attack on the targeted machine.Simply click on start button and then start sniffing
Now if your victim will try to open the site facebook.com then instead of it your hosted site will open because of your ip address which you mention in the ettercap.dns file after www.facebook.com.
So friend this is the overall post,if you like this post please share it with your friends.Or in case if you want to ask me something then drop your mail by going to the contact us section of this site,i’ll try to resolve your issue as soon as possible