Ethical Hacking and Penetration Testing Guide


Sniffing the Traffic with Dsniff



Yüklə 22,44 Mb.
Pdf görüntüsü
səhifə95/235
tarix07.08.2023
ölçüsü22,44 Mb.
#138846
1   ...   91   92   93   94   95   96   97   98   ...   235
Ethical Hacking and Penetration Testing Guide ( PDFDrive )

Sniffing the Traffic with Dsniff
So we have successfully poisoned the ARP cache; now, we will learn about a couple of sniffers that 
capture the traffic. We will take a look at dsniff first, which, as mentioned before, is a Swiss army 
knife of command line sniffing tools.
To run dsniff, we will execute “
dsniff
” command inside our terminal. What this would do 
is capture any clear text password going across the network. So while running dsniff, I logged in 
to an ftp account, and since ftp is a plain text protocol, dsniff managed to capture it.
Sniffing Pictures with Drifnet
If we want to see what the victim is viewing in his browser, we have a great tool called “driftnet,” 
which comes preinstalled with BackTrack. We can use it to capture all the images that victim is 
browsing through. We can do it by executing the following command:
root@bt:~# driftnet –v

148
◾ 
Ethical Hacking and Penetration Testing Guide
This is what the output will be like: we can clearly see that the victim is browsing google.com. 
The “facebook hacked” image is basically from my blog, since I accessed my blog from the victim’s 
browser to demonstrate this tool.
Urlsnarf and Webspy
Urlsnarf and webspy is part of the dsniff toolset; urlsnarf tells us about the URL that the victim has 
visited, whereas the webspy tool will open up all the web pages that the victim has visited in our 
browser.
An example of attacker running urlsnarf to sniff the URLs that victim has visited. The web-
snarf works the same way; however, we need to specify additional arguments. Here is how the 
command would look like:
root@bt:~# webspy –i eth0 192.168.75.142
where eth0 is the interface and 192.168.75.142 is the IP address of the victim.

Network Sniffing
◾ 
149
As urlsnarf keeps track of the URL’s visited by the victim, as soon as the victims connects to 
a new url using his browser or browser would automatically connect to it too, we would know 
what pages the victim is curently on. As you can see from the above screenshot, the victim (on his 
machine) has connected to facebook.com and our browser has automatically opened up Facebook.

Yüklə 22,44 Mb.

Dostları ilə paylaş:
1   ...   91   92   93   94   95   96   97   98   ...   235



Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©azkurs.org 2024
rəhbərliyinə müraciət
gir | qeydiyyatdan keç
    Ana səhifə
Stomatologiya
Anesteziologiya
Cərrahlıq
Ginekologiya
Tibb

yükləyin