Active eavesdropping alters the communication between two parties who believe they are directly communicating with each other. A man-in-the-middle attack allows a malicious actor to intercept, send and receive data meant for someone else. In this tutorial, we will use Cain and Abel to perform this attack.
How does It work?
- The address resolution protocol better known as ARP spoofing allows computers to map Mac addresses to IP addresses.
- We have to remember computers only care about the Mac address, which is the actual hardware address of the network it’s after; the IP address is just there for human benefit.
- This system allows the computer to know who it’s supposed to be sending packets to when an IP address is specified. The man in the middle attack works by tricking ARP or just abusing ARP into updating its mappings and adding our attacker machine’s mac address as the corresponding mac address for any communication task we wish to be in the middle of. Now that we understand what we’re gonna be doing, let’s go ahead and do it.
Activate the Sniffer – Cain and Abel
Let me activate the sniffer at first so that my network adapter discover local area network IP addresses.
Scan for list of IP address so that we can target the victim traffic
After adding range of IP’s to scan, Select All hosts in my Subnet
Address Resolution Protocol Poisoning
Select victims Ip and default gateway so that we can send the arp request.
Start Arp Poisoning:
Lets poison the victim’s network
Victims Traffic Captured
Now the attacker has successfully poisoned victim, as the result below shown arrow is victims destination IP’s, Attacker can resolve this ip and view the website the victim has visited.