Powered by Blogger.

Man In The Middle Attack (MITM)

The man-in-the-middle are attacking technic that intercept communication between two system or computer. So that we can sniff all the data that being request by the victims. The data that request by the victims also can be modify or read.

This technic only work when you are in same network with the victims. Like wifi connection, cc, school lab, and others.

This diagram shows us a normal communication wlan


This diagram shows us how the-man-in-middle-attack work


So from above diagram, we can see that the attacker PC was locate at the middle between the victim A and victim B. That means all the request from victim A and B are through attacker PC. Attacker PC can read the request of victim also edit the request.

Real Situation (Educational Purpose Only)

For this tutorial i will use :
  1. Windows 7 as victim
  2. Bactrack 5r3 Linux as attacker (running in virtual box)
  3. Ettercap - already installed in Backtrack

Step :
1. Launch Backtrack



2. Launch Ettercap-GTK



3. Choose unified sniffing



4. Choose Network Interface (in my case eth0)



5. Scan for hosts



6. Click host list



7.Choose modem IP as add to target 1 and victim IP as add to target 2. You can select more than 1 IP for victim but makesure it's not your IP :)




8. Click MITM > ARP Poisoning > Sniff Remote Connection


9. Start Sniffing




For this tutorial i will show how to sniff  HTTP (Not HTTPS) login name and password


10. Victim try to login HTTP page







0 comments :

Post a Comment