Ethical Hacking and Penetration Testing Guide


ARP Poisoning with Ettercap



Yüklə 22,44 Mb.
Pdf görüntüsü
səhifə97/235
tarix07.08.2023
ölçüsü22,44 Mb.
#138846
1   ...   93   94   95   96   97   98   99   100   ...   235
Ethical Hacking and Penetration Testing Guide ( PDFDrive )

ARP Poisoning with Ettercap
Let’s start by performing an ARP poisoning attack with Ettercap. Just follow these steps:
Step 1
—Launch ettercap by executing the following command:
root@bt:#ettercap –G
Step 2
—Next, click on the “Sniff” button at the top and then “Unsniffed bridging” and finally 
select your appropriate interface.


Network Sniffing
◾ 
151
Step 3
—Next, click on “Host List” at the top and click on “Scan for host.” It will scan the whole 
network for all live hosts.
Step 4—
Once the scan is complete, from the hosts menu, click on “Hosts List.” It will display 
all the hosts that it has found within your network.
Step 5
—Next, we need to choose our targets. In this case, I would like to perform sniffing 
between my victim host running Windows XP machine on 192.168.75.142 and our default 
gateway 192.168.75.2. We will add 192.168.75.142 to target 1 and add 192.168.75.2 to 
target 2.
Step 6
—Next click on the “MITM” tab at the top and click on “ARP Poisoning” and then click 
“Ok” to launch the attack.
Step 7
—From the following screenshot, you can see that we are capturing all the traffic going 
to and from the default gateway and the victim.


152
◾ 
Ethical Hacking and Penetration Testing Guide
Step 8
—Finally click on “Start sniffing,” and it will start sniffing the traffic. We can check if ARP 
cache has been successfully poisoned by using the “
chk _ poison
” plug-in from Ettercap.
To use this plug-in, click on the plug-ins menu at the top, and it will display several plug-ins:
Just double-click on the “
chk _ poison
” plug-in, and it will tell you if poison is successful. 
It will show you the following output:
Next, we can use Wireshark to capture all the traffic between the victim’s machine and the 
default gateway like we did earlier.
We can also launch a denial-of-service attack, which I talked about earlier, by using the 

dos _ attack
” plug-in. Another interesting plug-in is “
auto _ add
,” which will automati-
cally add any new targets it finds on your network.

Yüklə 22,44 Mb.

Dostları ilə paylaş:
1   ...   93   94   95   96   97   98   99   100   ...   235




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin