Sniff Passwords on your Network using [ARP Poisoning]

Sniff Passwords on your Network using [ARP Poisoning]
Sniff Passwords on your Network using [ARP Poisoning]
Sniff Passwords on your Network using [ARP Poisoning]
Sniff Passwords on your Network using [ARP Poisoning]
Sniff Passwords on your Network using [ARP Poisoning]

What is Man in the Middle Attack?

Man in the Middle Attack is when the attacker is able to intercept the traffic between two authorized parties or systems. This allows the attacker to listen to the traffic and impersonate one of the authorized parties.

Man in the Middle Attack Live [Practical]

In this video, you’ll learn what Man in the Middle Attack is and how to perform this attack in your network using a tool called BetterCAP.

https://youtu.be/42vDy_o5scM

Note: This video is for educational purposes only.

Example:

Let’s say that we have Alice and Bob. They are both having a friendly conversation.

And then, Charlie comes and wants to eavesdrop on the conversation between Alice and Bob.

The cool thing about Charlie is that he remains transparent. This means that Alice and Bob can’t see him. Another thing that Charlie can do is impersonate Alice or Bob’s identity.

So, Charlie can tell Bob that he is Alice and can tell Alice that he is Bob.

As a result of that, Charlie is able to transparently hijack their conversation.

Man in the Middle Attack explanation

What is BetterCAP?

BetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS, and TCP traffic in real time, sniff for credentials, and much more.

source:https://www.bettercap.org/

Types of Man in the Middle Attack:

Rogue Access point: in which the attacker creates a fake access point. And as soon as the victim connects to the network, all the victim’s network traffic can now be manipulated by the attacker.

ARP Spoofing/poisoning is when the attacker poisons the ARP table of the victim. This is what we are going to talk about deeper in this video.

DNS Spoofing: this is very similar to ARP poisoning, in which the attacker poisons the DNS cache of the victim. When Alice wants to browse google.com, she will be redirected to a different website that could be a malicious page the attacker set up.

Commands used:

apt-get update

apt-get install Bettercap

Resources:

https://www.bettercap.org/

Saad Sarraj

I am a CyberSecurity and Ethical Hacking/Penetration Testing passionate. I am also a TryHackMe Top 1% CTF Player.

Leave a Reply

Your email address will not be published. Required fields are marked *