4.5
- Stealing username / passwords with Ettercap MITM attack
- This
attack is similar to the previous one, in that ARP spoofing is also
used. However, now the tool Ettercap will be used in its command
shell version. Options used are:
-
T = text only interface
-
q = quiet mode, nor printing packet content
-
M = MITM attack
- ARP
/192.168.0.25/ = ARP
replies sent to "roch" 192.168.0.25
- Once
the attack is launched, "kali" waits for a client to
connect to Outlook. Again, there are neither padlock, nor HTTPS and
green URL bar, because "kali "Ettercap is intercepting
messages between "roch" and the Outook email server:
- Shortly,
both test account name (pruebapfm@hotmail.com) and password
(passwordPFM) are captured by Ettercap:
- At
the victim "roch", it can be checked that not only the
legitimate AP 192.168.01 has got the fake MAC address attached, but
also all the devices connected to the network segment, either wired
or wirelessly:
