-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathsniff.html
186 lines (171 loc) · 7.47 KB
/
sniff.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<meta name="AG" content="guide" />
<title>ArmedGeniuses</title>
<link rel="icon" href="img/logo.png">
<link href="css/style.css" rel="stylesheet" />
<link href="css/icon.css" rel="stylesheet" />
<link href="css/button.css" rel="stylesheet" />
<link rel="stylesheet" href="https://unpkg.com/aos@next/dist/aos.css" />
</head>
<body class="light">
<div class="container">
<div class="placeholder">
<div class="window">
<div class="header">
<div class="header-inner" data-aos="flip-up">
<img src="img/logo.png" alt="Logo" class="site-logo" />
<div class="site-text-box">
<h1 class="site-title">Armed Geniuses</h1>
<h6 class="site-description">Ethical Hacking Simplified</h6>
</div>
<nav class="nav">
<ul class="nav-ul">
<li class="nav-li"><a href="index.html" class="nav-link">Home</a></li>
<li class="nav-li"><a href="setup.html" class="nav-link">Get Started</a></li>
<li class="nav-li"><a href="about.html" class="nav-link">About</a></li>
<li class="nav-li"><a href="contact.html" class="nav-link">Contact</a></li>
</ul>
</nav>
</div>
</div>
</div>
</div>
<button class="btn active spacing" id="myBtn" style="--green-color: var(--btn-background); color: var(--btn-color);">
<span class="btn__content">Theme</span>
<span class="btn__glitch"></span>
<span class="btn__label">1337</span>
</button>
<div id="myModal" class="modal">
<!-- Modal content -->
<div class="modal-content">
<div class="modal-header">
<span class="close">×</span>
<h2>Change Theme</h2>
</div>
<div class="modal-body">
<br /><br /><a class="theme-btn" id="light" href="#">light ☀️</a> <br />
<br /><br /><a class="theme-btn" id="dark" href="#">dark ☾</a> <br /><br />
</div>
</div>
</div>
<p>
<header class="welcome-section">
<h2 class="text-center section-title" style="color: var(--header-color)">Welcome to Armed Geniuses</h2>
<p class="text-center">Here we shall talk about basic hacking and penetration testing. You can
choose one of the type of hacks below.</p>
</header>
<div class="paging-links" data-aos="zoom-in">
<nav>
<ul>
<li class="paging-item"><button class="btn" onclick="window.location.href = 'WPA.html';">
<span class="btn__content">WiFi Hacking</span>
<span class="btn__glitch"></span>
<span class="btn__label">1337</span>
</button></li>
<li class="paging-item"><button class="btn active" onclick="window.location.href = 'sniff.html';">
<span class="btn__content">WiFi Sniffing</span>
<span class="btn__glitch"></span>
<span class="btn__label">1337</span>
</button></li>
<li class="paging-item"><button class="btn" onclick="window.location.href = 'exploit.html';">
<span class="btn__content">Exploitation</span>
<span class="btn__glitch"></span>
<span class="btn__label">1337</span>
</button></li>
<li class="paging-item"><button class="btn" onclick="window.location.href = 'recon.html';">
<span class="btn__content">Recon</span>
<span class="btn__glitch"></span>
<span class="btn__label">1337</span>
</button></li>
</ul>
</nav>
</div>
<div class="content" data-aos="fade-right">
<h4 class="guide-title">Wifi Sniffing using MiTM attacks</h4>
<p class="guide-body">You will need kali linux or any other linux distro with the specific tools
installed. For kali linux, click on
the link below. You will also need kali-linux compatible WiFi adapter for monitor mode and
packet sniffing/injection.
</p>
<button class="btn" onclick="window.location.href = 'https://www.kali.org/downloads/';">
<span class="btn__content">Kali linux</span>
<span class="btn__glitch"></span>
<span class="btn__label">1337</span>
</button>
</div>
<div class="content" data-aos="fade-left">
<h3 class="guide-title">How to install the packages</h3>
<p class="guide-body">Open the terminal window and install the package if not installed.<br />
Here, we'll be using mitmf (Man in the middle framework), to spoof the devices.<br />
If you're using Debian or Debian-based distro,
type:<br /><br />
<code class="code">apt update && apt install mitmf</code></p>
<p class="guide-body">
If you're using Arch linux (you're awesome), then use pacman to install the tools.
<code class="code">pacman -S mitmf</code>
<br /><br />
<b>NOTE:</b> You should already have access to the WiFi network. If
you want to know how to gain access, please check out the WiFi hacking page of this site.
<br /><br />
Now, how this kind of attack works is, the attacker spoofs the user by sending a message
that he's the router, and spoofs the router that he is that user.<br />
Example, lets take the router's IP as 192.168.1.1, the user's is 192.168.1.3, and the attacker's
is 192.168.1.5.
The attacker tells the router that he's 192.168.1.3, and the user that he's 192.168.1.1. So now,
the user's traffic flows through the attacker's computer. So he can analyse the traffic, inject
code onto
the user's browser, and do loads of cool stuff.<br />
<img src="img/mitm.png" alt="MiTM attacker" class="img-class history-img" width="40%"
height="40%" />
<img src="img/arp_spoof.png" alt="Arp Spoof" class="img-class history-img" width="40%"
height="40%" />
<br /><br />
We'll be using a framework called mitmf.<br />
Assuming that the given IPs above is the case [please change it in your case], I am going to use
this tool.
To spoof the user and the router, type:<br />
<code class="code">mitmf --arp --spoof --gateway 192.168.1.1 --target 192.168.1.3 -i wlan0</code>
Where "wlan0" is the wireless interface connected to the said network.<br /><br />
After the command is executed, ARP [Address Resolution Protocol] spoof kicks in, which is
basically becoming the MiTM.
But using the mitmf has extra perks for beginners. It has SSLstrip enabled by default, which
turns any
HTTPS site to HTTP site, where the data is sent in plain text, so we can sniff passwords and
credentials.
Now when the user visits any site, enters any passwords, it'll be displayed on your terminal
screen.
<br />
Now, we will try to take screenshots and launch a keylogger in the target system.<br />
For screenshot, type the below command:<br />
<code class="code">mitmf --arp --spoof --gateway 192.168.1.1 --target 192.168.1.3 -i wlan0 --screen</code>
Now, if you're using Kali Linux, the pictures will be stored in<br /><b>/var/log/mitmf</b>
<br />
<br />
Now for a keylogger,<br />
We'll have to inject JS code which will capture keystrokes of the user.
So type:<br />
<code class="code">mitmf --arp --spoof --gateway 192.168.1.1 --target 192.168.1.3 -i wlan0 --jskeylogger</code>
<br />
<br />
<br />
</p>
</div>
</div>
</div>
</main>
<footer class="footer text-center">
<p>From GitHub
| View: <a rel="nofollow" href="https://github.com/theParanoidScripts">Here</a></p>
</footer>
</div>
<script src="https://unpkg.com/aos@next/dist/aos.js"></script>
<script>
AOS.init();
</script>
<script src="js/popup.js" type="text/javascript"></script>
<script src="js/theme.js" type="text/javascript"></script>
</body>
</html>