Record simple ARP spoofing and mitm attack processes using ettercap

Source: Internet
Author: User
Tags gtk email account mitm attack
The methods are all from the network. I only record my own operations. Please ignore them ~
Attacked host platform: Kali-Linux attacked HOST: Android phone (within the same LAN) 1. use ettercap for ARP spoofing: Open ettercap: ettercap-C (curses UI) ettercap-g (GTK + GUI) curses UI working interface: GTK + UI working interface: here, GTK + UI is used as an example. After opening ettercap, select sniff ---- uniied-sniffing and then select NIC: Then hosts --- scan for hosts --- hosts list, now we can see that the target host IP address ( is selected, and then click Add to target 1 to add the target host to target 1. Select the route and click Add to Target 2, add route to Target 2:, added successfully! Click mitm --- ARP posoning, select sniff remote connections: And start --- start sniffing to start listening ~ Click View -- connections to view the connection: double-click the link to View Details: the plaintext password of the target host login router is intercepted:

163 email account password:

2. Exploitation Ettercap + driftnetIntercept the image data stream of the target host
Open a terminal window and run the root permission:

Ettercap-I wlan0-TQ-M ARP: Remote/ // ARP spoofing on the target host

Create a terminal window and execute: Driftnet-I wlan0 # Listen to wlan0
(Sorry, the pixel of the backup mobile phone is too bad.) attacked host interface: At this time, the attack host intercepts the image stream interface:
3. cookie hijacking is used to generate cookies when attackers log on to the web page in the browser of the attacker's network account. Since the network data of the attacked user is monitored by us, so can we do something through the monitoring data? First, install the cookie injection plug-in for the browser: chrome: Install cookies. Use the tool cookiehacker to download the installation file or source code. Address: keystore (Suffix: CRX), and then open chrome: // extensions/, click "load developing extended program", select the source code directory, and click "Package extended program" after installation. Then, you are prompted to pack the program yourself, you can install CRX After packaging, or directly drag the downloaded CRX file to this page for installation. After installation, remember to create a shortcut key for this plug-in. The shortcut key is set in the lower right corner, which is Alt + C. Of course, you can select another one. Firefox: Install scripish + original cookie injector, build a tool that can embed cookies in a specific webpage:

Scripish script engine:


Original cookie injector script installation address:


Next, we will open the intercepted data:

Copy the URL to the browser to open the cookie file, copy the cookie file after the "Cookie:" field, open the cookie injection tool of the browser, copy it in, OK, and then refresh the webpage:

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.