MITM attacks (Man-In-The-Middle)
MITM attacks are attacks where the attacker places themselves between a “victim machine” and the “router”, generally without the knowledge of the victim.
A MITM attack exploits packets in transit in real time, allowing attackers to intercept, send and receive data never meant for them without either party knowing until it is too late.
Disclaimer – Our tutorials are designed to aid aspiring pen testers/security enthusiasts in learning new skills. We only recommend that you test this tutorial on a system that belongs to YOU. We do not accept responsibility for anyone who thinks it’s a good idea to try to use this to attempt to hack systems that do not belong to them.
Victim IP address : 220.127.116.11
Router IP address : 10.0.0.1
Open your terminal and configure your Kali Linux machine to allow packet forwarding, because Kali Linux must act as a router between the “real router” and the victim.
The first step is setting up arpspoof between the victim and the router.
# sudo arpspoof -i eth0 -t 18.104.22.168 10.0.0.1
Then set up arpspoof to capture all packets from the router to the victim machine.
# sudo arpspoof -i eth0 -t 10.0.1.1 10.0.1.98
Now all packets sent or received by the victim should be going through the attacker machine.
As an example we will capture image traffic, so we need to use Driftnet (a program which listens to network traffic and picks out images).
To run driftnet just type:
# sudo driftnet -i eth0
When the victim browses a website with images, driftnet will capture all image traffic.
This is the victim machine while browsing images
and driftnet will capture all image traffic as shown in the screenshot below.
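Seen from the network under test, the arpspoof steps above show up as ARP replies nobody requested and as the router's IP suddenly mapping to a different MAC address. The Python code below is an added example, not part of the original tutorial, that parses raw ARP frames and flags both conditions; the host address 10.0.0.5, all MAC addresses and the function and class names are assumptions made for the example.

```python
import struct
ARP_ETH_IPV4 = b"\x08\x06\x00\x01\x08\x00\x06\x04"  # EtherType ARP, htype Ethernet, ptype IPv4, hlen 6, plen 4
def _mac(b): return ":".join(f"{x:02x}" for x in b)
def _ip(b): return ".".join(map(str, b))

def parse_arp(frame: bytes):
    """Return (opcode, sender_mac, sender_ip, target_ip), or None if not Ethernet/IPv4 ARP."""
    if len(frame) < 42 or frame[12:20] != ARP_ETH_IPV4:
        return None
    op = struct.unpack("!H", frame[20:22])[0]
    return op, _mac(frame[22:28]), _ip(frame[28:32]), _ip(frame[38:42])

class ArpWatch:  # tracks IP-to-MAC bindings seen on the wire and reports suspicious changes
    def __init__(self):
        self.bindings = {}      # ip -> first MAC seen for it
        self.requested = set()  # IPs with an outstanding who-has request

    def observe(self, frame: bytes):
        parsed, alerts = parse_arp(frame), []
        if parsed is None:
            return alerts
        op, smac, sip, tip = parsed
        if op == 1:                        # who-has request
            self.requested.add(tip)
        elif op == 2:                      # is-at reply
            if sip not in self.requested:  # weak signal alone: gratuitous ARP can be legitimate
                alerts.append(("unsolicited-reply", sip, smac))
            self.requested.discard(sip)
        known = self.bindings.setdefault(sip, smac)
        if known != smac:                  # same IP now claimed by a different MAC
            alerts.append(("binding-changed", sip, known, smac))
        return alerts

def build_arp(op, smac, sip, tmac, tip):
    """Build a constructed Ethernet+ARP test frame (no real capture involved)."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    a = lambda s: bytes(map(int, s.split(".")))
    return m(tmac) + m(smac) + ARP_ETH_IPV4 + struct.pack("!H", op) + m(smac) + a(sip) + m(tmac) + a(tip)

# Constructed sample: 10.0.0.1 is the tutorial's router IP; 10.0.0.5 and all MACs are made up.
ROUTER, HOST, THIRD = "02:00:00:00:00:01", "02:00:00:00:00:05", "02:00:00:00:00:66"
SAMPLE = [
    build_arp(1, HOST, "10.0.0.5", "ff:ff:ff:ff:ff:ff", "10.0.0.1"),  # host asks for the router
    build_arp(2, ROUTER, "10.0.0.1", HOST, "10.0.0.5"),               # genuine reply
    build_arp(2, THIRD, "10.0.0.1", HOST, "10.0.0.5"),                # forged, unrequested reply
]

def run_sample():
    watch = ArpWatch()
    return [alert for frame in SAMPLE for alert in watch.observe(frame)]
```

On a real network the first binding seen is trusted, so the watcher should be started from a known-good state or seeded with the router's real MAC address.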