Kali man-in-the-middle attack

1. Training content: kali man-in-the-middle attack

Review: https://blog.csdn.net/Waffle666/article/details/113483478

2. Training goals

Use the kali system to simulate an attacker, and use man-in-the-middle attacks to obtain the user name and password for user login

Three, virtual network explanation

Focus on the picture below! ! !

If the virtual machine is bridged to vmnet0 and cannot be connected to the Internet, it may be that your computer has failed to judge (the real machine is connected to WiFi, and the virtual machine is bridged to vmnet0 but the judgment is wrong to bridge the wired
connection) Solution to ensure that the Internet can be connected: virtual machine edit menu ---Virtual Network Editor---Change Settings---vmnet0

VMnet0 is actually the bridge mode, vmnet8 is the nat mode

Sometimes I make a mistake in my judgment, so I choose it manually

If you go to the WiFi connected to McDonald’s on the real machine, you only need to select "wireless" in the picture above (that is, change vmnet0 to Dual Band wireless... When your virtual machine is bridged to v0, your virtual The machine is also bridged to wireless)

Four, environment introduction and topology map

1. Virtual machine software VMware V16.0 version

2. Virtual machine

WindowsXP---simulated client

windows server 2003 - Simulate web and FTP server

kali-simulated attack machine (username root, password toor)

Kali link: https://pan.baidu.com/s/1pl2axOA5pLEeKOOSh0hHIA
extraction code: fck8

3. Web site materials

zhivote

4. Tools

ettercap (included in Kali)

Five, the basic principle of the attack

Six, experimental process

1. Turn on the virtual machine and configure IP
1.1, turn on the three virtual machines of kali, XP, and win2003. Note that a pop-up box will appear when the virtual machine is turned on for the first time. Just select I have moved the virtual machine!
1.2. Put the three virtual machines on the same virtual network, this experiment is vmnet2
1.3, with IP address