Ethical Hacking and Penetration Testing Guide
Yüklə 22,44 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- Sniffing with Wireshark
|
Sniffing with Wireshark
If you have read the “Network Sniffing” chapter (Chapter 6), you would have seen Wireshark in action, where I demonstrated the TCP/IP three-way handshake and how port scanning works. Wireshark, previously known as Ethereal, is one of the best packet sniffers ever. It’s not only used by hackers and penetration testers, but also by network administrators to sort out problems within a network. Since Wireshark is an extensive tool, it’s not possible for me to cover every aspect of this tool in this chapter; however, I will give a quick overview. We will use Wireshark to capture plain text passwords sent across the wire. So let us begin: Step 1 —Launch Wireshark by executing “Wireshark” command from the terminal. Once launched, click on the “Capture” button at the top and click on the “Analyze” button. Step 2 —Next, select the interface you would like to sniff on and click “Start”; in my case, it is eth0. Step 3 —Wireshark will start capturing all the packets going across the network. On the vic- tim’s machine. I will log into a website that supports http authentication and will stop the capture on my attacker machine once I have logged in. Step 4 —Since we have so many packets, we need to ask Wireshark to filter out only HTTP POST requests. So, inside of the filter tab, we will type “http.request.method==POST.” The first request you see is a “POST” request performed to the destination 75.98.17.25 from our victim, which has a source IP 192.168.75.142. 150 ◾ Ethical Hacking and Penetration Testing Guide Step 5 —Next, we will right-click on the packet and click on “Follow tcp stream,” which will show us the original post request generated from the victim’s browser. The output would look something like the following: As you can see, the POST request contains the username “admin” and the password “pass.” There are many different types of filters in Wireshark used to filter out different types of traffic. We have already discussed some of them. Personally, I would suggest you to take a look at the Wireshark manual available at wireshark.org. Ettercap Ettercap is said to be the Swiss army knife of network-based attacks. With ettercap, you can per- form different types of ARP spoofing attacks. In addition, it has lots of interesting plug-ins you can use. I would recommend you to use ettercap over arpspoof and other tools in the dsniff toolset because it has more features and you can do pretty much any task with ettercap, to accomplish which you will need multiple tools in dsniff. Yüklə 22,44 Mb. Dostları ilə paylaş:
|