Man In The Middle Attack ( MITM - Basic )

Man In The Middle Attack ( MITM - Basic )

07:50  Password Hacking, Tools  No comments

Man In The Middle Attack, is when a attacker sits in the middle of a network and captures all the packets transferred between two computers. Lets take an example,  A, connects to a website called B, when A tries to connect to B, A's computer sends a request to B, This requests are sent in form of data packets, now if an attacker is carrying out MITM attack, this packets are being captured by C (attacker). As i said before when A tries to connect to B, it send a request to B. B in response accepts the request and send back the requested data to A, again these data is also been captured by C (attacker). Thats how MITM attack is carried out. It is carried out by Poisoning the Address Resolution Protocol (ARP) of a system. In this tutorial i will show you how to carry out a MITM attack using a tool called Cain And Abel. 

First download Cain and abel from here ( download link ) and install it.

Now open up Cain and go the "Sniffer" tab, activate sniffer by clicking on the button in the left top, now press the "+" button. It should pop up a box called Mac address scanner, select the All hosts in my subnet and click OK.

This should scan all the devices connected to your LAN Like this.

Now select the APR tab in the bottom, just click on the white spcae there, and click the "+" button on top,

It should popup a box called New ARP Poison Routing, and it should show the list of IPs you scanned on the left side, the first IP (192.168.1.1) this is the IP of the router we want. just click on this IP, it should show the other IPs on the right side ( the victims ). Just hightlight all of them or the specific IP you want to spoof and click OK.

After that Activate ARP poisoning by clicking on the ARP button next to the sniffer button on the left top. On clicking the ARP button, it should start to poison the IPs and you can see the status below it.

Now you can see the passwords and the data sniffed on passwords tab in the bottom. click on the HTTP, and you should be able to see all the Data Sniffed from websites including username and passwords and email passwords and more.