Hello and welcome back to the course. My name is Dan Hiccup Radius. And in today's video, what I'm gonna be exemplifying is through the Cali Lennix machine and also the Windows machine. How to go ahead and set up not only a man in the middle attack, but also how to do a session hijacking. So before I go ahead and start this, I wantto exemplify that through your virtual machines,
you're gonna have to go through the preferences
and from the preferences aspect. You want to make sure that your network address translation has in that network so that both your target and your client machine has two separate I p s, which is necessary on that network
that's on Windows and same thing on Callie, that network.
So now we're gonna do is we're gonna log in through Windows session Hijacking is the user password recession.
We want to first go ahead and start up. Excellent.
And from here, start up our Apache server so we can run the d v w ay as well as my SQL.
Let's move this suicide now at the same point, we want also run in windows, the command prompt and see what our I P is i p config enter
and in the Cali Lynette's machine. We also want to see that we do have a separate i p. Which is I f config enter.
So here we have 10.0 that 2.5
on the telly machine.
And I'm going back to the windows machine is $10.0 to 15 with a gateway.
Now, you want to start up our men in the middle attack?
So what type of AARP? Smooth
interfaces e th zero.
And the target is the I p of the Windows machine, which is 10.0 that tooth out 15.
And then, of course, we have to put in our gateway,
which is 10.0 that to that one. I'll move this over,
press enter. Make sure it works. Okay, Now the same time you want to do this in reverse order.
So there were capturing packets
both to and from machines. The ARP spoofing
interface, E t zero.
Now, the target this time is the gateway. 1st 10 that zero that to that one
with the I p of 10. That zero to about 15
now we have a really is going
now I'm gonna open up. Who will Chrome?
No. Before I going to do anything, I want to go through Callie and I want to open up the tool that's called wire shop
wire. Shark is very, very interesting. And how it
captures the packets.
So don't worry about this message here. That's fine. What I'm gonna do right now on the windows and machine is go through the actual Devi a location.
So now what I'm gonna do is start capturing my packets on Lennox.
and what I want to do is type in admin
and the password is password. Log in.
Now, what I want to do is I want to go down to D V W security
and change it from impossible to low click on submit.
And at the same time, I want to go through and click on more tools.
Click on developer tools.
Here you go. Here's the session. I d
as well as a security level.
So now let's go ahead and analyzing the next video. Exactly what we've captured
Thank you. Look forward to seeing you in the next video.