150
◾
Ethical Hacking and Penetration Testing Guide
Step 5
—Next, we will right-click on the packet and click on “Follow tcp stream,” which will
show us the original post request generated from the victim’s browser. The output would
look something like the following:
As you can see, the POST request contains the username “admin” and the password “pass.”
There are many different types of filters in Wireshark used to filter out different types of traffic.
We have already discussed some of them. Personally, I would suggest you to take a look at the
Wireshark manual available at wireshark.org.
Ettercap
Ettercap is said to be the Swiss army knife of network-based attacks. With ettercap, you can per-
form different types of ARP spoofing attacks. In addition, it has lots of interesting plug-ins you
can use. I would recommend you to use ettercap over arpspoof and other tools in the dsniff toolset
because it has more features and you can do pretty much any task with ettercap, to accomplish
which you will need multiple tools in dsniff.
Dostları ilə paylaş: